Detailed syslog from WAP4410n

lastochka · ‎06-19-2012

Hi

I need to count traffic used by each device connected to the access point.

The manual says:

In addition to the standard event log, the access point can send a

detailed log to an external Syslog server. The access point’s Syslog

captures all log activities and includes this information about all data

transmissions: every connection source and destination IP address, IP

server, and number of bytes transferred.

How do I get that detailed log sent to a local IP address? All I managed to get so far is standard log - configuration changes and autenthication mesages.

alepatte · ‎06-22-2012

Hi Yana,

Thank you for contacting Cisco Small Business Forum.

In the device, under the Administration-->Log tabs you can select what type of logs you would like to receive.

The following options are available for you on this device:

- unauthorized access;

- authorised access;

- system error message;

- configuration changes;

You have to enable all those in order to see all ofthem. If you have only System Error and Configuration changes enabled for logging, then that all you will get.

Hope that helps.

Sincerely,

Alena Patterson

Cisco SBSC engineer

CCNA

lastochka · ‎06-24-2012

Alena, thanks for your reply.

Yes, I did all that and this is the kind of log I get from the device:

Jun 23 16:17:22 kernel: [][90:C1:15:1D:88:A4] SUBTYPE_AUTH

Jun 23 16:17:22 kernel: [Ilyana][90:C1:15:1D:88:A4] Open Authentication

Jun 23 16:17:22 kernel: [Ilyana][90:C1:15:1D:88:A4] Associated

Jun 23 16:17:32 kernel: [Ilyana][90:C1:15:1D:88:A4] Deauthenticated

Jun 23 17:31:24 kernel: [][E0:2A:82:AC:6D:CB] SUBTYPE_AUTH

Jun 23 17:31:24 kernel: [Ilyana][E0:2A:82:AC:6D:CB] Open Authentication

Jun 23 17:31:24 kernel: [Ilyana][E0:2A:82:AC:6D:CB] Associated

Jun 23 18:12:54 kernel: [][88:53:2E:50:11:FD] SUBTYPE_AUTH

Jun 23 18:12:54 kernel: [Lily][88:53:2E:50:11:FD] Open Authentication

Jun 23 18:12:54 kernel: [Lily][88:53:2E:50:11:FD] Associated

Jun 23 19:19:06 kernel: [][90:C1:15:1D:88:A4] SUBTYPE_AUTH

Jun 23 19:19:06 kernel: [Ilyana][90:C1:15:1D:88:A4] Open Authentication

Jun 23 19:19:06 kernel: [Ilyana][90:C1:15:1D:88:A4] Associated

Jun 23 19:19:17 kernel: [Ilyana][90:C1:15:1D:88:A4] Deauthenticated

Jun 23 19:40:12 kernel: [][F8:1E:DF:E2:CB:9A] SUBTYPE_AUTH

Jun 23 19:40:12 kernel: [Kim][F8:1E:DF:E2:CB:9A] Open Authentication

Jun 23 19:40:12 kernel: [Kim][F8:1E:DF:E2:CB:9A] Associated

Jun 23 19:49:35 kernel: [][90:C1:15:1D:88:A4] SUBTYPE_AUTH

Jun 23 19:49:35 kernel: [Ilyana][90:C1:15:1D:88:A4] Open Authentication

Jun 23 19:49:35 kernel: [Ilyana][90:C1:15:1D:88:A4] Associated

Jun 23 19:49:45 kernel: [Ilyana][90:C1:15:1D:88:A4] Deauthenticated

Jun 23 20:08:46 kernel: [Kim][F8:1E:DF:E2:CB:9A] DisAssociated

What category does the detailed log falls into? or how else do I recieve it?

here is the cut-out from the manual:

In addition to the standard event log, the access point can send a

detailed log to an external Syslog server. The access point’s Syslog

captures all log activities and includes this information about all data

transmissions: every connection source and destination IP address, IP

server, and number of bytes transferred.

(middle of the page 46 of Administration Guide: http://www.cisco.com/en/US/docs/wireless/access_point/csbap/wap4410n/administration/guide/WAP4410N_Admin_Guide.pdf)