[c-nsp] Setting the Remote Syslog Port in IOS
Christian Koch
christian at broknrobot.com
Wed Sep 10 14:03:39 EDT 2008
This is actually what i do now, but we are moving away from syslog-ng
to splunk, basically for the ease of searching and report generation,
especially for the lower tiered noc techs, so in splunk you can create
multiple "virtual" instances, so what we wanted to do was separate say
customer logging to its own port, sec logs to its own port and
associated with the splunk instance configured to accept syslog
messages on port x/y/z etc.
Otherwise, I agree, syslog-ng can be very good if configured correctly
and extensively
Christian
On Wed, Sep 10, 2008 at 1:45 PM, Rick Coloccia <coloccia at geneseo.edu> wrote:
> Interesting approach. I installed syslog-ng on my syslog server (CentOS
> 5.2) and am filtering very extensively based on source host and pattern
> matching inside the trap. I have lots of different files in place now based
> on what cisco device created the trap and what the message in the trap is.
> But they are all the same facility. You might find that a lot more useful.
> Take a look at syslog-ng, and don't let it overwhelm you - it's not as bad
> as it looks to set up. Assuming a linux box, you can leave your existing
> syslog in place, and just add this to a system to receive syslogs from over
> the network. Very, very configurable.
>
> -Rick
>
> Christian Koch wrote:
>>
>> I know i can set the remote syslog port on ASA/PIX's, but i don't seem
>> to see that it is possible in IOS.
>>
>> I wanted to segregate logs by sending them from certain devices to
>> separate syslog ports
>>
>> Can anyone confirm this behavior?
>>
>> Has anyone had the need to do something similar?
>>
>> Thanks
>>
>>
>> Christian
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
> --
> Rick Coloccia, Jr.
> Network Manager
> State University of NY College at Geneseo
> 1 College Circle, 119 South Hall
> Geneseo, NY 14454
> V: 585-245-5577
> F: 585-245-5579
>
>
More information about the cisco-nsp
mailing list