WLC Default Syslog Settings

scot.bell1
Level 1

WLC 8510 running 8.0.121.0.

Currently I'm not capturing syslog to any external host; no IP address is entered for a syslog server in Management => Logs => Config.

Syslog level is set to ERRORS and Facility is "Local use 0".

WLC Config Analyzer 4.16 gives the Best Practice message below:

20017,AP: Syslog messages are sent to broadcast address, if there are errors reported by many APs, and there are too many APs per vlan, this can cause broadcast storms. For best practices, it is better to configure to individual server.

How can I make sure the APs are not broadcasting the syslog messages?

5 Replies

Rasika Nayanajith
VIP Alumni

By using the CLI command below, you can configure a syslog server IP for all your APs. This is the way to stop APs broadcasting syslog messages.

(WLC)> config ap syslog host global x.x.x.x

HTH

Rasika

*** Pls rate all useful responses ***

Thank you Rasika,

My problem is I don't have a syslog server that can handle all the traffic from the APs.

Are you suggesting setting an address even if it is not a syslog server, so at least the APs send to unicast on that address and stop broadcasting?

Yes, even if you put some dummy IP address, the AP will send syslog to that address & your network will drop it.

HTH

Rasika

Rasika is right... In all of my deployments, if there is no syslog server in the network, I have used a dummy IP address with the command Rasika mentions.

-Scott

*** Please rate helpful posts ***


mohanak
Cisco Employee
Cisco Employee

For VLANs with lots of APs, if there is broadcast traffic generating syslog alerts from the AP, as the APs will be generating syslog to a broadcast destination, this can generate an increase in the total broadcast traffic level on the VLAN. The syslog function is very useful for troubleshooting APs which have not joined the controller, but for normal operation it is better to have it pointing to a unicast server address.
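
One way to check what the original question asks ("make sure the APs are not broadcasting"), as an added example that is not part of the thread: it scans text lines from a packet capture on the AP VLAN for UDP/514 datagrams sent to the limited or directed broadcast address and counts them per AP. The capture lines, the 10.10.20.0/24 subnet and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: lines in the style of `tcpdump -nn` text output.
SAMPLE_CAPTURE = """\
10:15:01.100001 IP 10.10.20.31.50123 > 255.255.255.255.514: UDP, length 96
10:15:01.200002 IP 10.10.20.32.50456 > 255.255.255.255.514: UDP, length 96
10:15:02.300003 IP 10.10.20.31.50123 > 10.10.20.255.514: UDP, length 96
10:15:03.400004 IP 10.10.20.33.50789 > 192.0.2.10.514: UDP, length 96
10:15:04.500005 IP 10.10.20.34.68 > 255.255.255.255.67: UDP, length 300
"""

# Captures src IP, src port, dst IP, dst port from "IP a.b.c.d.p > e.f.g.h.q:"
FLOW_RE = re.compile(
    r"\bIP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")

def is_broadcast(dst, ap_subnet):
    """True for the limited broadcast or the AP VLAN's directed broadcast."""
    addr = ipaddress.ip_address(dst)
    return (addr == ipaddress.ip_address("255.255.255.255")
            or addr == ap_subnet.broadcast_address)

def broadcasting_aps(capture_text, ap_subnet, syslog_port=514):
    """Count broadcast syslog datagrams per source address in the AP subnet."""
    subnet = ipaddress.ip_network(ap_subnet)
    hits = Counter()
    for line in capture_text.splitlines():
        m = FLOW_RE.search(line)
        if not m:
            continue  # not an IPv4 flow line
        src, _sport, dst, dport = m.groups()
        if int(dport) != syslog_port:
            continue  # other broadcasts (e.g. DHCP) are expected; ignore them
        if ipaddress.ip_address(src) in subnet and is_broadcast(dst, subnet):
            hits[src] += 1
    return dict(hits)

if __name__ == "__main__":
    found = broadcasting_aps(SAMPLE_CAPTURE, "10.10.20.0/24")
    for ap, count in sorted(found.items()):
        print(f"{ap} still broadcasts syslog ({count} datagrams)")
```

An empty result from a capture taken after the APs have picked up the new syslog host indicates that they have stopped broadcasting.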
