Cisco IOS
Cisco IOS (originally Internetwork Operating System) is software used on most Cisco Systems routers and current Cisco network switches (Earlier switches ran CatOS). IOS is a package of routing, switching, internetworking and telecommunications functions integrated into a multitasking operating system.
The IOS command line interface (CLI) provides a fixed set of multiple-word commands. The set available is determined by the “mode” and the privilege level of the current user. “Global configuration mode” provides commands to change the system’s configuration, and “interface configuration mode” provides commands to change the configuration of a specific interface. All commands are assigned to a privilege level, from 0 to 15, and can only be accessed by users with the necessary privilege. Through the CLI, the commands available to each privilege level can be defined.
For log collecting from device with Cisco IOS please follow next few steps.
-
Login to Cisco device via SSH.
-
To enter the configuration mode:
configure terminal
-
Turning on date-time timestamp for logging messages:
service timestamps log datetime
-
To enable the logging of user information, use command:
logging userinfo
-
Enable history for configuration commands:
# enter to archive configuration mode archive # enters configuration change logger configuration mode. log config record rc # enables the logging of configuration changes logging enable # enables the sending of notifications of configuration changes # to a remote syslog notify syslog contenttype plaintext # to suppress the display of password information in configuration log files hidekeys
-
Enable notification of spanning-tree events:
spanning-tree logging
-
Enable log SSH-related events:
ip ssh logging events
-
Set logging syslog messages with maximum severity level:
logging history debugging
-
Set trap messages with maximum severity level:
logging trap debugging
-
Add an origin identifier to system logging messages sent to remote hosts:
logging origin-id hostname
-
Log system messages and debug output to the Logmanager:
logging <Logmanager_IP_address>
Logmanager_IP_address is IP address of your Logmanager server. -
Configure the number of Telnet sessions:
line vty 0 15
-
To synchronize unsolicited messages and debug output use logging synchronous command. Level all specifies that all messages are printed asynchronously:
logging synchronous level all
Now your Cisco device will be sending logs to the Logmanager.