Previous section   Next section

Recipe 18.1 Enabling Local Router Logging

18.1.1 Problem

You want your router to record log messages, instead of just displaying them on the console.

18.1.2 Solution

Use the logging buffered configuration command to enable the local storage of router log messages:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#logging buffered informational
Router(config)#end 
Router#

18.1.3 Discussion

This feature causes the router to store all log messages to a revolving buffer called the logging buffer. Many network administrators find it convenient and useful to keep detailed router logs on the router itself. The router discards its oldest messages to make room for new ones. This ensures that the logging buffer contains the most recent messages without depleting the router's RAM. You can use the show logging command to view this buffer:

Router>show logging
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 
overruns)
    Console logging: level debugging, 653 messages logged
    Monitor logging: level debugging, 65 messages logged
    Buffer logging: level informational, 1 messages logged
    Logging Exception size (4096 bytes)
    Trap logging: level informational, 657 message lines logged
Log Buffer (4096 bytes):
Mar 26 09:02:25: %SEC-6-IPACCESSLOGS: list 99 denied 172.16.2.2 5 packets
Mar 26 09:04:56: %CLEAR-5-COUNTERS: Clear counter on all interfaces on vty1 
Mar 26 09:05:13: %SYS-5-CONFIG_I: Configured from console by ijbrown on vty1 
Router>

Note that the default severity logging level is set to debugging. You can adjust the severity level of the buffered log with the severity level keyword. In the solution section example, we configured the router with the keyword informational. This will cause it to ignore debugging messages, but retain all other system log messages.

The log messages appear in order from oldest to most recent. By default, the show logging command displays all messages contained in the log buffer. However, you can display specific message types can by using output modifiers:

Router>show log | include denied
Apr  7 21:16:12 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 19 packets
Apr  7 21:21:12 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.1.5 1 packet
Apr  7 21:26:12 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 19 packets
Apr  7 21:31:13 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 5 packets
Apr  7 21:33:13 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.1.5 16 packets
Apr  7 21:36:13 EDT: %SEC-6-IPACCESSLOGS: list 98 denied 172.25.25.1 5 packets
Router>

By using output modifiers, you can display a single type of message based on a regular expression, similar to the grep command in Unix.

We discussed the importance of accurate timekeeping and log timestamping in Chapter 14, where we recommended enabling log timestamps to help make the log messages more meaningful.

To disable the router's logging buffer, use the following command:

Router#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#no logging buffered 
Router(config)#end
Router#

18.1.4 See Also

Recipe 18.2; Recipe 18.3; Chapter 14


  Previous section   Next section
Top