In addition to using the "logging" command to send the syslog messages to a
syslog server, you can also generate traps from syslog messages. The
advantage of doing this is that you can then use rulesets to parse the
syslog message and take whatever actions you want. The BIG disadvantage is
that every syslog message uses the same trap ID, i.e. it's a "generic"
syslog trap. This means that you MUST use rulesets to get any useful
information out of the traps. If you just want logging somewhere on a
server, then the syslog server is the best way to go. BTW, Cisco's
Essentials product has a very good Syslog Analysis function for viewing the
syslog messages of a particular device, all devices, or a specific time
frame.
The configuration. commands for Cisco IOS are: "snmp-server enable traps
syslog" Also check the "logging history level" command.
The traps will show up in NetView under enterprise
"ciscoSyslogMIBNotifications (1.3.6.1.4.1.9.9.41.2)", and Enterprise
Specific trap #1.
Joel Gerber - I/T Networking Professional - USAA Information Technology Co.
- San Antonio, TX
* (210)456-4231 * mailto:Joel.Gerber@USAA.com "
http://www.usaa.com
-----Original Message-----
From: Howard P James [SMTP:Howard.P.James@AEXP.COM]
Sent: Wednesday, January 19, 2000 09:25
To: NV-L@UCSBVM.UCSB.EDU
Subject: Cisco SNMP MIB to extract show log contents
Does anyone know of a Cisco MIB to extract the contents of the 'show
log'
command?
|