Configure logging and audit on routers

Hello everyone,

I'm having some troubles finding a guide or document on how to enable audit in routers.

I've read the Cisco IOS System Messages Guide vol 1 & 2, for version

12.4 (which is the one I'm running on my router). "
formatting link
" In that guide you can find all messages with their explanation.

I turned on logging on my router correctly and I'm sending everything to a syslog server. The logging trap level is set to debug, so I'm also getting every lower level.

The router is sending messages, for example, for facility codes SYS, LINEPROTO, LINK, SSH, PARSER, SNMP and SEC.

As soon as I turned on logging I started to get SYS, LINK and LINEPROTO messages, but to get the SEC messages I had to turn on logging on each ACL by adding the keyword "log" or "log-input". Something similar happens with PARSER messages (which is logging every command run by any user). I had to configure this by running commands: archive log config logging enable logging size 200 notify syslog

I've seen somewhere that if I use AAA accounting I can get messages even if I don't have TACACS+ server. Is that correct? Does anyone know how can I log AAA events to the syslog?

In the "System Messages Guide" I find a lot of facility codes that I don't get on my syslog server.

Does anyone know if there is any cisco guide that explains how to audit everything on a router? And I don't mean "how to enable logging", because I've done that and I know there is a guide for that. I want to know how to get all messages that are on the "System Message Guide" on my syslog.

I've also read the "Cisco IOS Security Configuration Guide" and I haven't found a clear explanation to enable "full system logging".

Thanks in advance!


Reply to
Esteban G.
Loading thread data ...

To see what logging functions are available in your IOS, do this (config)#logging ?

Also see this:

archive log config logging enable logging size 1000 hidekeys

Nobody can tell you what logg>Hello everyone,

Reply to
X-Eliminator Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.