RE: Syslog and Router

• Previous message: Mark L. Jackson: "RE: how to tell when a file was last read"
• Maybe in reply to: many Lists..: "Syslog and Router"
• Next in thread: hackerwacker: "Re: Syslog and Router"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Jamie Furtner <jamie.furtner@ideaca.com>
To: "'many Lists..'" <many_lists@yahoo.com>, security-basics@securityfocus.com
Date: Fri, 26 Jul 2002 14:39:06 -0600

Use the "LOGGING <hostname or IP>" command to tell the router where the logs
are supposed to go. You may also want to use "logging facility <local1-7>"
so you can split your logs out to a seperate router log file.

Setting up the syslog server to only accept logs from a particular IP is
server specific - the generic syslog daemons on Linux and Solaris don't have
that capability(ie. they accept events from any IP). You would have to
replace the daemon with a third party syslog daemon such as syslog-ng on
*nix.

Jamie

-----Original Message-----
From: many Lists.. [mailto:many_lists@yahoo.com]
Sent: Friday, July 26, 2002 7:32 AM
To: security-basics@securityfocus.com
Subject: Syslog and Router

I read it in a cisco book that while applying access
lists in router, we can choose also
whether to log any packet matching a particular access
rule or not, If we don't define whether to log it on
some syslog server then logs are displayed on console.
However it's written in book that we can get logs via
some syslog server remotely.
I need hints and tips on how do i setup a syslog
server to accept logs input from
router's ip only!!! and how do i define the syslog
server's ip in router because i couldnt find it in my
cisco's book anywhere. I have cisco book by Todd
Lammale.

Thanks in Advance

__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com

• Previous message: Mark L. Jackson: "RE: how to tell when a file was last read"
• Maybe in reply to: many Lists..: "Syslog and Router"
• Next in thread: hackerwacker: "Re: Syslog and Router"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Syslog tools ... Any syslog server running on a Microsoft Operating system will have the ... The sources would be IIS logs, ... (Security-Basics) Re: Syslog and Router ... > some syslog server then logs are displayed on console. ... > server's ip in router because i couldnt find it in my ... I have cisco book by Todd ... (Security-Basics) RE: audit trails for file access ... I actually use NTSyslog to send my logs off to a syslog server, ... On the syslog server side, I use syslog-ng to log to a MySQL database. ... In regards to logging to another machine, use the Eventlog to Syslog ... (Focus-Microsoft) Re: Windows event auditing and reporting ... Log to Syslog translators and subsequent Syslog reporting tools. ... Once you get your logs into a generally vendor-agnostic format such as ... Event logs, especially DC logs for events such as New user accounts, ... Computer Emergency Response Teams, and Digital Investigations. ... (Security-Basics) Re: Syslog and Router ... Subject: Syslog and Router ... >> logs are supposed to go. ... >> some syslog server then logs are displayed on console. ... (Security-Basics)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint