07-01-2020 12:38 PM
I need to come up with a baseline syslog script for XR and XE platforms and integrate them both with CoPP but the documentation I search doesn't cover both topics or how to change the port. I see some commands for switches to change the port but the ASR 9000 XR docuemntation doesn't show that as an option. Is there someone out there good with documentation that can provide me with some documentation with the correct command syntax and detailed show commands to verify configuration?
I need
1: Hardened remote XR syslog basline script and a CoPP ACL to allow that conversation to occur.
2. Hardened remote XE syslog basline script and a CoPP ACL to allow that conversation to occur.
3. Configure a different syslog port beside UDP 514.
4. Source the syslogs from a specific IP address not just the interface it went out on.
Matt
07-02-2020 09:58 AM
Hi Matt,
XR uses LPTS instead of CoPP.
I am not sure what is meant by baseline script? If you enable a syslog server in your configuration then it will stream to the server, we don't support TCP based syslog.
RP/0/RP0/CPU0:NCS-55A1-A(config)#logging ?
A.B.C.D or X:X::X IP v4/v6 address of the logging host
WORD Name of the logging host
archive logging to a persistent device(disk/harddisk)
buffered Set buffered logging parameters
console Set console logging
correlator Configure properties of the event correlator
events Configure event monitoring parameters
facility Modify message logging facilities
file Set file logging
format Specify syslog message format send to the server
history Set history logging
hostnameprefix Hostname prefix to add on msgs to servers
ipv4 Mark the dscp/precedence bit for ipv4 packets
ipv6 Mark the dscp/precedence bit for ipv6 packets
localfilesize Set size of the local log file
monitor Set monitor logging
source-interface Specify interface for source address in logging transaction
s
suppress Configure properties for the event suppression
suppress Suppress logging behaviour
tls-server Secure server over tls
trap Set trap logging
RP/0/RP0/CPU0:NCS-55A1-A(config)#logging 1.1.1.1 ?
port Set UDP port for this remote host/vrf
severity Set severity of messages for particular remote host/vrf
vrf Set VRF option
RP/0/RP0/CPU0:NCS-55A1-A(config)#logging 1.1.1.1 port 65000
RP/0/RP0/CPU0:NCS-55A1-A(config)#logging 1.1.1.1 severity debugging
RP/0/RP0/CPU0:NCS-55A1-A(config)#logging source-interface loopback 1
RP/0/RP0/CPU0:NCS-55A1-A(config)#show
Thu Jul 2 16:43:30.909 UTC
Building configuration...
!! IOS XR Configuration 7.1.1
logging 1.1.1.1 vrf default severity debugging
logging source-interface Loopback1
end
Sam
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide