Enabling Local Router Logging

Problem

You want your router to record log messages, instead of just displaying them on the console.

Solution

Use the logging buffered configuration command to enable the local storage of router log messages:

Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#logging buffered informational
Router(config)#end 
Router#

 

Discussion

This feature causes the router to store all log messages to a revolving buffer called the logging buffer. Many network administrators find it convenient and useful to keep detailed router logs on the router itself. The router discards its oldest messages to make room for new ones. This ensures that the logging buffer contains the most recent messages without depleting the router's RAM. You can use the show logging command to view this buffer:

Router>show logging
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns)
 Console logging: level debugging, 653 messages logged
 Monitor logging: level debugging, 65 messages logged
 Buffer logging: level informational, 1 messages logged
 Logging Exception size (4096 bytes)
 Trap logging: level informational, 657 message lines logged
 
Log Buffer (4096 bytes):
Mar 26 09:02:25: %SEC-6-IPACCESSLOGS: list 99 denied 172.16.2.2 5 packets
Mar 26 09:04:56: %CLEAR-5-COUNTERS: Clear counter on all interfaces on vty1 
Mar 26 09:05:13: %SYS-5-CONFIG_I: Configured from console by ijbrown on vty1 
Router>

Note that the default severity logging level is set to debugging. You can adjust the severity level of the buffered log with the severity level keyword. In the example in the Solution section, we configured the router with the keyword informational. This will cause it to ignore debugging messages, but retain all other system log messages.

The log messages appear in order from oldest to most recent. By default, the show logging command displays all messages contained in the log buffer. However, you can display specific message types by using output modifiers:

Router>show log | include denied
Apr 7 21:16:12 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 19 packets
Apr 7 21:21:12 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.1.5 1 packet
Apr 7 21:26:12 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 19 packets
Apr 7 21:31:13 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 5 packets
Apr 7 21:33:13 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.1.5 16 packets
Apr 7 21:36:13 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 5 packets
Router>

By using output modifiers, you can display a single type of message based on a regular expression, similar to the grep command in Unix.

We discussed the importance of accurate time keeping and log time stamping in Chapter 14, where we highly recommended enabling log time stamps to help make the log messages more meaningful.

To disable the router's logging buffer, use the following command:

Router#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no logging buffered 
Router(config)#end
Router#

 

See Also

Recipe 18.2; Recipe 18.3; Chapter 14

Router Configuration and File Management

Router Management

User Access and Privilege Levels

TACACS+

IP Routing

RIP

EIGRP

OSPF

BGP

Frame Relay

Handling Queuing and Congestion

Tunnels and VPNs

Dial Backup

NTP and Time

DLSw

Router Interfaces and Media

Simple Network Management Protocol

Logging

Access-Lists

DHCP

NAT

First Hop Redundancy Protocols

IP Multicast

IP Mobility

IPv6

MPLS

Security

Appendix 1. External Software Packages

Appendix 2. IP Precedence, TOS, and DSCP Classifications

Index



Cisco IOS Cookbook
Cisco IOS Cookbook (Cookbooks (OReilly))
ISBN: 0596527225
EAN: 2147483647
Year: 2004
Pages: 505

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net