Setup Syslog server

setup Syslog Server lab with GNS3:
=============
Syslog Server to catch the device information relating to log information. Example if a Router generate a log about UP/UP interface. This log message will send over to the Syslog server.
Step 1: Download and install Syslog server

or Download a full blown PRTG system monitor: Syslog server and SNMP server.
If you download PRTG, read how to enable Syslog trap and SNMP trap:

Step 2:
copy below code into the router

!You’ll need a NTP server- a remote clock server
!or you can setup the clock locally like below manually
clock set 7:00:00 14 June 2022

conf t
service sequence-numbers
service timestamps log
!
!We want to sent log info about loopback0 interface.
interface loopback0
ip address 192.168.2.9 255.255.255.255
no shutdown
!
!logging Server
logging on
logging host 192.168.1.8
!Type of message log is set to information
logging trap info
!

loggin origin-id hostname
logging facility local6
!default UDP port, don’t forget to open that port on Window Firewall.
logging host 192.168.1.8 transport udp port 514
!Interface to monitor
logging source-interface lo0

Step 3:
on the router, you can try to shutdown ON/OFF the above interface, to see the log will send over to the Syslog server you setup and install in step 1.

——
You will see message like this: 
R2(config-if)#no shut
000175: 03:01:49: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.1.8 port 514 started – reconnection


If you get an error message in PRTG system monitor like 162 is in used by another process
Find out what program is using that port number: 162
cmd > netstat -ano|find “:162“
-Then use TaskManger to kill that process, it should work after.

Below is the show Run code for Both: SNMP server and Syslog Server: 

!
interface Loopback0
ip address 192.168.2.9 255.255.255.255
!
interface FastEthernet1/0
ip address 192.168.1.9 255.255.255.0
duplex auto
speed auto
!
ip forward-protocol nd
!
logging origin-id hostname
logging facility local6
logging source-interface Loopback0
logging 192.168.1.8
snmp-server community myRouter RW
snmp-server community public RO
snmp-server location Las Vegas, NV
snmp-server contact mrBillGate (555)555-5555×67
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps config
snmp-server host 192.168.1.8 version 2c myRouter
no cdp log mismatch duplex
!
end
!

Published by

Khmer Certified

Welcome to Khmer Certified. We're all about sharing the experienced in Information Technology. Our site is not an introduction to computer. We are more about sharing your journey that may take to get a job in an entry level IT - your first year in IT field

One thought on “Setup Syslog server”

  1. Pingback: setup SNMP Server – Khmer Certified

Leave a comment