Task 4: Configure Syslog Parameters
|
|
Now that your user accounts are configured and you have confirmed that they work, you can move on to adjusting the default syslog parameters. The default syslog configuration on an M-series router will be similar to this example:
[edit] lab@r1# show system syslog user * { any emergency; } file messages { any notice; authorization info; The default syslog settings will display emergency-level messages for all facility classes to any user that is logged in, and will log at the notice and info levels to the file messages for all facility classes and for the authorization class, respectively. The default archive settings will allow up to ten 128KB files that are not world-readable.
In this example, your goal is to modify the default syslog parameters to achieve the following criteria:
-
Place authorization messages into a log file named auth
-
Permit five copies of the auth file, each no larger than 5MB
The commands used to meet these requirements are as follows:
[edit system syslog] lab@r1# delete file messages authorization [edit system syslog] lab@r1# set file auth authorization info [edit system syslog] lab@r1# set file auth archive files 5 size 5m
And here is the modified syslog stanza:
[edit system syslog] lab@r1# show user * { any emergency; } file messages { any notice; } file auth { authorization info; archive size 5m files 5; }
Verify Syslog Operation
Verifying the modified syslog parameters is relatively simple. You can open a second telnet connection to the router and monitor the log files while you log in and out, or you can view the log files offline to confirm that authorization-related information is now being written to both the auth and messages log files. The second approach is illustrated next:
lab@r1> quit r1 (ttyd0) login: anything Password: Login incorrect login: ^CClient aborted login r1 (ttyd0) login: lab Password: Last login: Mon Apr 1 14:33:26 on ttyd0 --- JUNOS 5.2B3.1 built 2001-12-28 18:50:44 UTC lab@r1> show log auth Apr 1 14:36:25 r1 login: 1 LOGIN FAILURE ON ttyd0 Apr 1 14:36:30 r1 login: login on ttyd0 as lab
When modifying the syslog configuration, care should be taken to ensure that the remaining default settings are left according to the lab scenario's instructions. For example, the following syslog configuration sets the default archive parameters of all files at the [edit system syslog] level and below to five files of 5MB each. Such a setting will also affect the size and number of the archived messages files stored on your router. Depending on the specifics of your configuration requirement, changing the default size and number of archived messages files could result in lost points on the JNCIP exam:
[edit system syslog] lab@r1# show archive size 5m files 5; user * { any emergency; } file messages { any notice; } file auth { authorization info; }
|
|
EAN: 2147483647
Pages: 132
- ERP System Acquisition: A Process Model and Results From an Austrian Survey
- Enterprise Application Integration: New Solutions for a Solved Problem or a Challenging Research Field?
- The Effects of an Enterprise Resource Planning System (ERP) Implementation on Job Characteristics – A Study using the Hackman and Oldham Job Characteristics Model
- Relevance and Micro-Relevance for the Professional as Determinants of IT-Diffusion and IT-Use in Healthcare
- Development of Interactive Web Sites to Enhance Police/Community Relations