Is it possible to log authentication requests from an Access Point to the syslog server?
By default, Access Points (APs) send the output from system messages and debug privileged EXEC commands to a logging process. The logging process controls the distribution of logging messages to various destinations, such as the logging buffer, terminal lines, or a UNIX syslog server, depending on your configuration. The process also sends messages to the console.
Defining the Message Severity Level
You can limit messages displayed to the selected device by specifying the severity level of the message, which are described in Table.
Beginning in privileged EXEC mode, follow these steps to define the message severity level:
Enter global configuration mode.
logging console level
Limit messages logged to the console. By default, the console receives debugging messages and numerically lower levels.
logging monitor level
Limit messages logged to the terminal lines. By default, the terminal receives debugging messages and numerically lower levels.
logging trap level
Limit messages logged to the syslog servers.By default, syslog servers receive informational messages and numerically lower levels. For complete syslog server configuration steps, see the "Configuring UNIX Syslog Servers" section.
Return to privileged EXEC mode.
Verify your entries.
copy running-config startup-config
(Optional) Save your entries in the configuration file.
Specifying a level causes messages at that level and numerically lower levels to be displayed at the destination.
To disable logging to the console, use the no logging console global configuration command. To disable logging to a terminal other than the console, use the no logging monitorglobal configuration command. To disable logging to syslog servers, use the no logging trap global configuration command.
Table describes the level keywords. It also lists the corresponding UNIX syslog definitions from the most severe level to the least severe level.
Message Logging Level Keywords
Immediate action needed
Normal but significant condition
Informational messages only
The software generates four other categories of messages:
•Error messages about software or hardware malfunctions, displayed at levels warnings through emergencies. These types of messages mean that the functionality of the access point is affected.
•Output from the debug commands, displayed at the debugging level. Debug commands are typically used only by the Technical Assistance Center (TAC).
•Interface up or down transitions and system restart messages, displayed at the notifications level. This message is only for information; access point functionality is not affected.
•Reload requests and low-process stack messages, displayed at the informational level. This message is only for information; access point functionality is not affected.
Authentication request log messages are not logged on to a syslog server. This feature is not supported on Cisco Aironet access points.
Release notes / product overview / data sheet / FAQ
My ultimate goal is that I want to be able to contain rogue AP's that are detected broadcasting (spoofing) SSID's that our controller is broadcasting. I see that this can easily be done at: Security>Wireless Protection Policies>Rogue Polices>...
hello, I have a wireless network built with Cisco WLC 5520 (in HA), AP 2800. WLC is running code 126.96.36.199. Randomly, client roaming goes wrong, all I can found in the debug client is this :xx:xx:xx:xx:xx:xx : MAC of clientyy:yy:yy:yy:yy:yy : BS...
If there any reason why there are no 802.11AX network adapters (except for Intel AX200)?There are tons of routers available with 802.11AX already but nearly no client devices. From what I remember at the time of release 802.11AC, there were a bunch of ada...
Hello,I’m configuring a wireless bridge using two AP1562I-E-K9 in mesh with Mobility Express.The AP are powered by catalyst C3650C-8PC-S switches.During startup the AP is unable to connect to the controller and I see the messages “Radio1 not started, not ...