We are using switch 3560 and a server
Connect Server and Switch using straight through cable
Configuring interface vlan 1 IP address on 3560 Switch
SW-1(config)#interface vlan 1
SW-1(config-if)#ip address 192.168.1.3 255.255.255.0
SW-1(config-if)#no shut
Configure following ip address on Server
Connect Server and Switch using straight through cable
Configuring interface vlan 1 IP address on 3560 Switch
SW-1(config)#interface vlan 1
SW-1(config-if)#ip address 192.168.1.3 255.255.255.0
SW-1(config-if)#no shut
Configure following ip address on Server
Enable Syslog service on Server
Configuring Logging on Switch
Define syslog server
SW-1(config)#logging host 192.168.1.2
Specifying type of trap we want to send to server
SW-1(config)#logging trap ?
Emergency: 0
Alert: 1
Critical: 2
Error: 3
Warning: 4
Notice: 5
Informational: 6
Debug: 7
SW-1(config)#logging trap warning
Trap will be send for Emergency, Alert , Critical, Error and Warning
SW-1(config)#logging trap debug
All trap will be send to syslog server
We can specify interface by source-interface command
SW-1(config)#logging source-interface fa0/0
SW-1(config)#exit
We will change switch hostname from Sw-1 to switch and vice and versa and verify logs on syslog server
SW-1(config)#hostname switch
switch(config)#host
switch(config)#hostname SW-1
SW-1(config)#
Verifying logs on Server
Define syslog server
SW-1(config)#logging host 192.168.1.2
Specifying type of trap we want to send to server
SW-1(config)#logging trap ?
Emergency: 0
Alert: 1
Critical: 2
Error: 3
Warning: 4
Notice: 5
Informational: 6
Debug: 7
SW-1(config)#logging trap warning
Trap will be send for Emergency, Alert , Critical, Error and Warning
SW-1(config)#logging trap debug
All trap will be send to syslog server
We can specify interface by source-interface command
SW-1(config)#logging source-interface fa0/0
SW-1(config)#exit
We will change switch hostname from Sw-1 to switch and vice and versa and verify logs on syslog server
SW-1(config)#hostname switch
switch(config)#host
switch(config)#hostname SW-1
SW-1(config)#
Verifying logs on Server
I really appreciate information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in IBM QRADAR SIEM , kindly contact us http://www.maxmunus.com/contact
ReplyDeleteMaxMunus Offer World Class Virtual Instructor led training On IBM QRADAR SIEM. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 100000+ trainings in India, USA, UK, Australlia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain and UAE etc.
For Demo Contact us.
Saurabh Srivastava
MaxMunus
E-mail: saurabh@maxmunus.com
Skype id: saurabhmaxmunus
Ph:+91 8553576305 / 080 - 41103383
http://www.maxmunus.com/
what is the propose of the syslog service (server switch)?
ReplyDelete