This is an old revision of the document!
!!! add access list logging
[gate:~] # grep syslog /etc/rc.conf syslogd_flags="-a 192.168.X.0/24:*" [gate:~] # grep local0 /etc/syslog.conf local0.* /var/log/cisco.log [gate:~] # touch /var/log/cisco.log [gate:~] # /etc/rc.d/syslogd restart [gate:~] # tail -f /var/log/cisco.log
root@gate:~# cat /etc/default/syslogd ... SYSLOGD="-r" root@gate:~# cat /etc/syslog.conf ... local0.* /var/log/cisco.log root@gate:~# touch /var/log/cisco.log root@gate:~# chown syslog:adm /var/log/cisco.log root@gate:~# /etc/init.d/sysklogd restart root@gate:~# tail -f /var/log/cisco.log
root@gate:~# rcsdiff /etc/rsyslog.conf 20,21c20,21 < #$ModLoad imudp < #$UDPServerRun 514 --- > $ModLoad imudp > $UDPServerRun 514 root@gate:~# cat /etc/rsyslog.d/30-cisco.conf local0.* -/var/log/cisco.log root@gate:~# touch /var/log/cisco.log root@gate:~# chown syslog:adm /var/log/cisco.log root@gate:~# service rsyslog stop root@gate:~# service rsyslog start
switch.corpX.un# terminal monitor
switch.corpX.un#wr t ... ! logging facility local0 logging gate !