{"id":3133,"date":"2015-12-30T12:24:02","date_gmt":"2015-12-30T12:24:02","guid":{"rendered":"http:\/\/www.esds.co.in\/kb\/?p=3133"},"modified":"2015-12-30T12:24:02","modified_gmt":"2015-12-30T12:24:02","slug":"centralizing-logs-with-cisco-to-a-remote-server","status":"publish","type":"post","link":"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/","title":{"rendered":"Centralizing Logs with Cisco to a Remote Server"},"content":{"rendered":"<p><img loading=\"lazy\" class=\"aligncenter size-full wp-image-3134\" src=\"http:\/\/www.esds.co.in\/kb\/wp-content\/uploads\/2015\/12\/Sending-logs-to-a-Remote-Server-with-Cisco.png\" alt=\"Sending logs to a Remote Server with Cisco\" width=\"674\" height=\"331\" srcset=\"https:\/\/www.esds.co.in\/kb\/wp-content\/uploads\/2015\/12\/Sending-logs-to-a-Remote-Server-with-Cisco.png 674w, https:\/\/www.esds.co.in\/kb\/wp-content\/uploads\/2015\/12\/Sending-logs-to-a-Remote-Server-with-Cisco-300x147.png 300w\" sizes=\"(max-width: 674px) 100vw, 674px\" \/><\/p>\n<ul>\n<li>Summary<\/li>\n<li>Whose interests?<\/li>\n<li>Cisco Configuration to export the logs<\/li>\n<li>Server setup and visualization of Cisco logs<\/li>\n<\/ul>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_77 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#Summary\" >Summary:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#Whose_interests\" >Whose interests?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#Cisco_Configuration_to_export_the_logs\" >Cisco Configuration to export the logs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#Server_setup_and_visualization_of_Cisco_logs\" >Server setup and visualization of Cisco logs<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Summary\"><\/span>Summary:<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify\">Today, we will study the interest of centralized logs and especially how to do it for Cisco Systems (router, switch\u2026). You will as well find the procedure from the command line as Cisco to send some or all of your logs to a remote server. Anyway, in this tutorial we are assuming you already have an operational log server.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Whose_interests\"><\/span>Whose interests?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify\">First, we must understand what can bring the centralization of logs in architecture and specifically for network elements. Centralization may have several benefits, but its main function is to be able to recover a history of events that occurred on a machine or on an entire network when machines are no longer available.<\/p>\n<p style=\"text-align: justify\">This can be useful, for example, a hacking attempt have driven machine damage or destructed the logs or if equipment fault occurs. The centralization of logs will then allow us to trace the events that led to the unavailability of the machine. On the other hand, centralization of logs may have a goal of control and supervision. One can indeed want to centralize the logs of a set of machines for better monitoring, indexing or the graph in a system as Kibana.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Cisco_Configuration_to_export_the_logs\"><\/span>Cisco Configuration to export the logs<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>1) Since the configuration is present on the command line, we will start by opening a terminal. Once on it, we will change the mode as enable:<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">ena<\/pre>\n<p>2) It is important to note that the timestamp, i.e. the time that will be exported logs is of particular importance in the system of centralized logs. It makes it possible to accurately trace logs across multiple machines. This is why the first thing to do is put our machine on the right date and at the right time.<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">clock set 20:11:00 November 25 2015<\/pre>\n<p>3) We will then change the mode configuration to set sending logs.<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">conf t<\/pre>\n<p>4) We start by activating the timestamp of the logs:<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">service timestamps<\/pre>\n<p>5) Then configures various parameters to the sending of logs, it starts with the remote server IP:<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">logging xxx.xxx.xx.xx<\/pre>\n<p>6) Then you can specify the log facility that will allow us, on the remote server, sort the logs, for example:<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">logging facility local5<\/pre>\n<p style=\"text-align: justify\">Also an important thing to do is to configure the log-level from which one will take care to send the logs. For various reasons such as performance, you may not want to send all logs to the remote server then we will choose to send logs from a certain level of criticality. Generally, there are these log levels:<\/p>\n<p>* 7 &#8211; debugging<\/p>\n<p>* 6- informational<\/p>\n<p>* 5 &#8211; notifications<\/p>\n<p>* 4 &#8211; warnings<\/p>\n<p>* 3 &#8211; errors<\/p>\n<p>* 2 &#8211; critical<\/p>\n<p>* 1 &#8211; alerts<\/p>\n<p>* 0 &#8211; emergencies<\/p>\n<p style=\"text-align: justify\">You will understand the log level \u201c0\u201d is the most critical case and \u201c7\u201d is the most talkative if many logs are produced. As part of the tutorial, we will for instance send logs of 6-0, so we set the value to \u201cinformational\u201d:<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">logging trap informational<\/pre>\n<p style=\"text-align: justify\">Our Cisco system will now begin to send its logs to the remote server. With this configuration we can now summarize by returning mode enable and then entering \u201cshow logging\u201d.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Server_setup_and_visualization_of_Cisco_logs\"><\/span><strong>Server setup and visualization of Cisco logs<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify\">Now that we have configured our Cisco router to send logs to the remote log server must be known to set apart these logs. In Rsyslog, system used in the tutorial on the centralization of logs we mentioned above, go the file \u201c\/etc\/rsyslog.conf\u201d and add the following line to all incoming logs in log-facility 4 are place in a specific file. For example:<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">local4.* \/var\/log\/cisco<\/pre>\n<p>Then we restart this service:<\/p>\n<pre style=\"font-family: monospace;font-size: 0.99em;width: 99%;height: 5%;border: green 2px solid;color: yellow;background-color: #000000\">service rsyslog restart<\/pre>\n<p>We now need to test our export log Cisco, cause of event logging. Then we will see the file configured in Rsyslog to receive files log-facility 4 logs of our Cisco Router.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Summary Whose interests? Cisco Configuration to export the logs Server setup and visualization of Cisco logs Summary: Today, we will study the interest of centralized logs and especially how to do it for Cisco Systems (router, switch\u2026). You will as well find the procedure from the command line as Cisco to send some or all&#8230; <\/p>\n<div class=\"clear\"><\/div>\n<p><a href=\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/\" class=\"gdlr-button small excerpt-read-more\">Read More<\/a><\/p>\n","protected":false},"author":14,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[624],"tags":[676,677],"aioseo_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v15.9.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Centralizing Logs with Cisco to a Remote Server<\/title>\n<meta name=\"description\" content=\"Today, we will study the interest of centralized logs and especially how to do it for Cisco Systems (router, switch\u2026).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Centralizing Logs with Cisco to a Remote Server\" \/>\n<meta property=\"og:description\" content=\"Today, we will study the interest of centralized logs and especially how to do it for Cisco Systems (router, switch\u2026).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/\" \/>\n<meta property=\"og:site_name\" content=\"ESDS Official Knowledgebase\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ESDSdc\/\" \/>\n<meta property=\"article:published_time\" content=\"2015-12-30T12:24:02+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/www.esds.co.in\/kb\/wp-content\/uploads\/2015\/12\/Sending-logs-to-a-Remote-Server-with-Cisco.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ESDSDataCenter\" \/>\n<meta name=\"twitter:site\" content=\"@ESDSDataCenter\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data1\" content=\"3 minutes\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/#website\",\"url\":\"https:\/\/www.esds.co.in\/kb\/\",\"name\":\"ESDS Official Knowledgebase\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/www.esds.co.in\/kb\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"http:\/\/www.esds.co.in\/kb\/wp-content\/uploads\/2015\/12\/Sending-logs-to-a-Remote-Server-with-Cisco.png\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#webpage\",\"url\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/\",\"name\":\"Centralizing Logs with Cisco to a Remote Server\",\"isPartOf\":{\"@id\":\"https:\/\/www.esds.co.in\/kb\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#primaryimage\"},\"datePublished\":\"2015-12-30T12:24:02+00:00\",\"dateModified\":\"2015-12-30T12:24:02+00:00\",\"author\":{\"@id\":\"https:\/\/www.esds.co.in\/kb\/#\/schema\/person\/d6f54dbda254c30373f777c3afc1ee85\"},\"description\":\"Today, we will study the interest of centralized logs and especially how to do it for Cisco Systems (router, switch\\u2026).\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/\",\"url\":\"https:\/\/www.esds.co.in\/kb\/\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"position\":2,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/\",\"url\":\"https:\/\/www.esds.co.in\/kb\/centralizing-logs-with-cisco-to-a-remote-server\/\",\"name\":\"Centralizing Logs with Cisco to a Remote Server\"}}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/#\/schema\/person\/d6f54dbda254c30373f777c3afc1ee85\",\"name\":\"Nilesh\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.esds.co.in\/kb\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0ee75c69a8018595f3d1cfb1fc7e524e?s=96&d=mm&r=g\",\"caption\":\"Nilesh\"},\"description\":\"IT tech writer for over 5 years, at ESDS I am to you for the web hosting sector news and technical insights. I also discuss in the context of substantive issues such as new programming languages, high-performance computing and open source.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/posts\/3133"}],"collection":[{"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/comments?post=3133"}],"version-history":[{"count":11,"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/posts\/3133\/revisions"}],"predecessor-version":[{"id":3145,"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/posts\/3133\/revisions\/3145"}],"wp:attachment":[{"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/media?parent=3133"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/categories?post=3133"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esds.co.in\/kb\/wp-json\/wp\/v2\/tags?post=3133"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}