logging
Syntax
logging {<IPV4-ADDR> | <IPV6-ADDR> | <HOSTNAME>}
[udp [<PORT-NUM>] | tcp [<PORT-NUM>]| tls [<PORT-NUM>]]
[include-auditable-events] [severity <LEVEL>] [vrf <VRF-NAME>]
logging {<IPV4-ADDR> | <IPV6-ADDR> | <HOSTNAME>}
[tls [<PORT-NUM>]] [auth-mode {certificate|subject-name}]
[legacy-tls-renegotiation] [include-auditable-events] [severity <LEVEL>]
[vrf <VRF-NAME>]
no logging {<IPV4-ADDR> | <IPV6-ADDR> | <HOSTNAME>}
Description
Enables syslog forwarding to a remote syslog server.
The
no
form of this command disables syslog forwarding to a remote syslog server.
Command context
config
Parameters
{<IPV4-ADDR> | <IPV6-ADDR> | <HOSTNAME>}
- Selects the IPv4 address, IPv6 address, or host name of the remote syslog server. Required.
[udp [<PORT-NUM>] | tcp [<PORT-NUM> | tls [<PORT-NUM>]]
Specifies the UDP port, TCP port, or TLS port of the remote syslog server to receive the forwarded syslog messages.
udp [<PORT-NUM>]
Range: 1 to 65535. Default: 514
tcp [<PORT-NUM>]
Range: 1 to 65535. Default: 1470
tls [<PORT-NUM>]
Range: 1 to 65535. Default: 6514
include-auditable-events
Specifies that auditable messages are also logged to the remote syslog server.
severity <LEVEL>
- Specifies the severity of the syslog messages:
alert
: Forwards syslog messages with the severity ofalert (6)
andemergency (7)
.crit
: Forwards syslog messages with the severity ofcritical (5)
and above.debug
: Forwards syslog messages with the severity ofdebug (0)
and above.emerg
: Forwards syslog messages with the severity ofemergency (7)
only.err
: Forwards syslog messages with the severity oferr (4)
and aboveinfo
: Forwards syslog messages with the severity ofinfo (1)
and above. Default.notice
: Forwards syslog messages with the severity ofnotice (2)
and above.warning
: Forwards syslog messages with the severity ofwarning (3)
and above.
auth-mode
Specifies the TLS authentication mode used to validate the certificate.
certificate
: Validates the peer using trust anchor certificate based authentication. Default.subject-name
: Validates the peer using trust anchor certificates as well as subject-name based authentication.
legacy-tls-renegotiation
Enables the TLS connection with a remote syslog server supporting legacy renegotiation.
vrf <VRF-NAME>
Specifies the VRF used to connect to the syslog server. Optional. Default:
default
Authority
Administrators or local user group members with execution rights for this command.
Examples
Enabling the syslog forwarding to remote syslog server 10.0.10.2:
switch(config)# logging 10.0.10.2
Enabling the syslog forwarding of messages with a severity of
err (4)
and above to TCP port 4242 on remote syslog server 10.0.10.9 with VRF
lab_vrf
:
switch(config)# logging 10.0.10.9 tcp 4242 severity err vrf lab_vrf
Disabling syslog forwarding to a remote syslog server:
switch(config)# no logging
Enabling syslog forwarding over TLS to a remote syslog server using subject-name authentication mode:
switch(config)#logging example.com tls auth-mode subject-name