Questions tagged [syslog]
For questions about Syslog on network devices. For instance, you are configuring syslog on your switch or you have problems with syslog not showing on your router.
43 questions
0 votes, 2 answers, 94 views
Forward log events to syslog through Fortianalyzer
I'm trying to send my logs from FortiAnalyzer to Graylog. I've set up log forwarding to syslog and I can see some logs that look like this on Graylog
<190>logver=702071577 timestamp=1714736929 ...
0 votes, 2 answers, 184 views
Can we have two logging source-interface configured on Cisco Switch?
I would like to understand if it's possible for us to have two logging source-interface configured on Cisco Switch:
logging source-interface vlan1 (For syslogs)
logging source-interface vlan2 (For ...
1 vote, 1 answer, 47 views
Lower level syslogs not sending
We have an MPLS router (ISR4351) in our main data center that rebooted itself, causing it and connections to ISRs at other sites to go down. We export our syslogs to a server, and for some reason, none ...
2 votes, 2 answers, 335 views
What is the difference between "logging monitor" and "terminal monitor" commands?
I'm currently studying Syslog for CCNA and the course I use mentioned the following command that configures logging of messages to vty lines.
logging monitor level
However, it was then mentioned that ...
3 votes, 1 answer, 964 views
How do I check if a Cisco switch is connected to a SYSLOG server?
We use the Cisco C2960X switch.
Query 1: What does console, monitor, buffer & exception logging mean?
Query 2: Capture logging to 192.168.X.X which means if the switch sends logs to the SYSLOG ...
1 vote, 1 answer, 1k views
Logging discriminator to omit specific log message in Cisco
I'm trying to omit a specific log from being sent to our NMS. We are already using a discriminator to limit the severity of messages to include 5,4,3,2,1,0. I'd also like to add to this so that it ...
1 vote, 0 answers, 855 views
SOLVED: Check Point firewall log format through syslog [closed]
I receive logs from a series of Check Point firewalls that I don't manage and they are very thorough, containing every possible information about the communication. They're also formatted like field:&...
1 vote, 1 answer, 502 views
Cisco ASA syslog messages, reversed source and destination for outbound communication?
I'm writing my own parser for transforming the syslog output from the ASA firewall into CSV for deeper analysis. What I don't get, is why the "for" and "to" machines are switched ...
4 votes, 1 answer, 2k views
Juniper - minor host 0 /var partition usage is high
Currently running an EX4300 switch. We seem to be low on space on fpc0.
I have already run the request system storage cleanup all-members (only cleaned up a few megabytes).
I have cleared the WTMP file ...
2 votes, 1 answer, 695 views
Fortigate 100E user names in syslog
I am monitoring the traffic from a Fortinet Fortigate 100E firewall and I am seeing the user name of a former employee whose local and domain accounts were deleted. I can't ask Fortinet support ...
3 votes, 1 answer, 146 views
Log messages not leaving switch after changing source to management port
I reconfigured some of our switches to add an OOB connection from the management port. The below configuration is from a 4500X, but also seeing this on 3850s and 2960s.
After I did this I updated the ...
1 vote, 0 answers, 168 views
Meraki and Syslog-NG OSE [closed]
I've been struggling epically to export legible logs from my Meraki devices to a server running Syslog-NG OSE 3.30. No matter what source driver I use on the server, I see errors like this (...
0 votes, 1 answer, 417 views
Can't find notify syslog in Cisco sw Nexus 3000
In Cisco IOS I used "Configuration Change Notification and Logging",
but in Cisco sw-nexus I can't find the command
SW-nex3000(config)# archive
SW-nex3000(config-archive)# log config
...
0 votes, 0 answers, 2k views
Cisco ASA and missing logs to syslog server
I would like to have some help with sending syslogs from a Cisco ASA 5555-X to a syslog server, Graylog 3.2.1.
When running the following settings I could see a lot of information in the buffer with ...
0 votes, 1 answer, 373 views
Unable to receive logs from a device to our SIEM Syslog server via TCP 514 [closed]
I want to collect logs from a security device (McAfee Email Gateway) to our SIEM Syslog server. This security device can forward logs only via TCP syslog on any port (in our case it is 514). We are ...