HostedDB - Dedicated UNIX Servers
index_108
Router Security Configuration Guide UNCLASSIFIED 108 UNCLASSIFIED Version 1.0g Log Buffer (16000 bytes):   Mar 28 11:31:22 EST: %SYS-5-CONFIG_I: Configured from console by vty0 (14.2.9.6)   Setting up Terminal Line Logging Any terminal or virtual terminal line can act as a log monitor.  There are two parts to setting up terminal monitor logging.  First, set the severity level for terminal line monitor log messages; this needs to be done only once.  Second, while using a particular line, declare it to be a monitor; this needs to be done once per session.  The example below shows how to set up terminal line monitoring for informational severity (level 6) on a telnet session virtual terminal line. Central# show users     Line     User      Host(s)                  Idle Location *130 vty 0    bob      idle                 00:00:00 14.2.9.6 Central# config t Enter configuration commands, one per line.  End with CNTL/Z. Central(config)# ! set monitor logging level to level 6 Central(config)# logging monitor information Central(config)# exit Central# ! make this session receive log messages Central# terminal monitor Central# config t Enter configuration commands, one per line.  End with CNTL/Z. Central(config)# interface eth 0/1 Central(config-if)# ! shutdown will log a message, level 5 Central(config-if)# shutdown Central(config-if)# Mar 28 15:55:29 EST: %LINK-5-CHANGED: Interface Ethernet0/1, changed state to administratively down Setting up Syslog Logging Syslog logging is the most useful form of logging offered by Cisco routers.  It offers the network administrator the ability to send log messages from all of the routers (and other Cisco equipment) on a network to a central host for examination and storage.   All Unix and Linux operating system configuration include syslog servers, and free syslog servers are also available for Windows NT and Windows 2000.*                                                  *   The NSA Systems and Network Attack Center offers a suite of Windows NT/2000 tools, called the Value Added Tools (VAT).  The VAT includes a solid, robust syslog server for Windows NT and 2000.   It is available free to US Government entities; request a copy from securent@dewnet.ncsc.mil.