How to check Cisco routers logs on linux machine
Checking Cisco routers Logs
I will assume your cisco router’s IP is 192.168.2.1 and your linux machine IP is 192.168.2.3 where you want to see cisco router’s log
Login to your cisco router, enter into configuration mode and type logging 192.168.2.3
router > enable Router# conf t Router# logging 192.168.2.3
Now login into your linux machine, and edit the file syslog
#vi /etc/sysconfig/syslog
And change the line
SYSLOGD_OPTIONS="-m 0"
To
SYSLOGD_OPTIONS="-m 0 -r"
So your syslog file should look like
# Options to syslogd # -m 0 disables 'MARK' messages. # -r enables logging from remote machines # -x disables DNS lookups on messages recieved with -r # See syslogd(8) for more details SYSLOGD_OPTIONS=”-m 0 -r” # Options to klogd # -2 prints all kernel oops messages twice; once for klogd to decode, and # once for processing with ‘ksymoops’ # -x disables all klogd processing of oops messages entirely # See klogd(8) for more details KLOGD_OPTIONS=“-x” # SYSLOG_UMASK=077 # set this to a umask value to use for all log files as in umask(1). # By default, all permissions are removed for “group” and “other”.
Save syslog file and restart syslogd service,
[root@host ~]# /etc/init.d/syslog restart Shutting down sskernel logger: [ OK ] Shutting down system logger: [ OK ] Starting system logger: [ OK ] Starting kernel logger: [ OK ] [root@host ~]#
You should see -r option in the output of the command ps ax | grep syslog
[root@host ~]# ps ax | grep syslog 2586 ? Ss 0:00 syslogd -m 0 -r 3411 pts/1 S+ 0:00 grep syslog
Now check the logs
#tail -f /var/log/syslog
This settings work when both the linux and the router are on same network, but you can send logs to remote linux machine but you have to edit the hosts.allow file and enter the the IP of the router. if you want to check logs on windows you can find some free log analyzer for windows like winlogd, download it from http://edoceo.com/creo/winlogd and check the logs on windows using that software.
Thats All!