Syslog is the log-collection protocol every network device speaks. Configure your routers and switches to send their logs to a central syslog server, and you get a single searchable archive of everything that happened across the network. This lab configures syslog on R2 with R1 as the destination, using sensible buffer, console, and trap settings.
What you will learn
- The `logging buffered`, `logging host`, `logging console`, and `logging trap` commands
- The eight syslog severity levels (0-7)
- How to format timestamps with millisecond precision
- The trade-off between log volume and visibility
What this lab does NOT cover
- Syslog over TLS (transport security)
- Structured logging / JSON output
- Splunk / ELK / commercial log analysis platforms
Topology
Download the CCNA Base Topology .yaml
3 iol-xe routers + 1 alpine + 1 ioll2-xe managed switch.
The eight severity levels
| Keyword | Level | Use case |
|---|---|---|
| emergencies | 0 | System unusable |
| alerts | 1 | Immediate action required |
| critical | 2 | Critical conditions |
| errors | 3 | Error conditions |
| warnings | 4 | Warning conditions |
| notifications | 5 | Normal but significant |
| informational | 6 | Informational messages |
| debugging | 7 | Debug output (very chatty) |
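How a severity threshold such as the one set by `logging trap` selects messages, as an added Python example that is not part of the original lab: it reads the severity from the `%FACILITY-SEVERITY-MNEMONIC` tag of IOS-format lines (falling back to the `<PRI>` prefix) and counts how many lines each threshold would pass. The sample lines are constructed, and their PRI values assume facility local7.

```python
import re

# Severity keywords in level order (list index == numeric level).
SEVERITIES = ["emergencies", "alerts", "critical", "errors",
              "warnings", "notifications", "informational", "debugging"]

# IOS message tag: %FACILITY-SEVERITY-MNEMONIC:
IOS_MSG = re.compile(r"%(?P<facility>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnemonic>[A-Z0-9_]+):")
# Wire-format prefix: <PRI>, where PRI = facility * 8 + severity (maximum 191).
PRI = re.compile(r"^<(\d{1,3})>")

def severity_of(line):
    """Return the numeric severity (0-7) of one syslog line, or None if unparseable."""
    m = IOS_MSG.search(line)
    if m:
        return int(m.group("sev"))
    p = PRI.match(line)
    if p and int(p.group(1)) <= 191:
        return int(p.group(1)) % 8
    return None

def forwarded(lines, trap_level):
    """Lines that pass a threshold given as keyword or number.
    A threshold of N passes severities 0..N, so a lower number means fewer messages."""
    limit = SEVERITIES.index(trap_level) if isinstance(trap_level, str) else int(trap_level)
    return [l for l in lines if (s := severity_of(l)) is not None and s <= limit]

def volume_by_threshold(lines):
    """Map each severity keyword to how many of the lines it would let through."""
    return {name: len(forwarded(lines, name)) for name in SEVERITIES}

# Constructed sample lines (not captured from the lab); PRI assumes facility local7 (23).
SAMPLE = [
    "<187>45: *Mar  1 00:01:02.123: %LINK-3-UPDOWN: Interface Ethernet0/1, changed state to down",
    "<189>46: *Mar  1 00:01:03.130: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1, changed state to down",
    "<189>47: *Mar  1 00:02:10.004: %SYS-5-CONFIG_I: Configured from console by console",
    "<190>48: *Mar  1 00:02:11.500: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.10(1234) -> 192.0.2.20(22), 1 packet",
    "<188>49: *Mar  1 00:03:00.000: %OSPF-4-ERRRCV: constructed warning text",
    "<191>50: debug output with no mnemonic",
]

if __name__ == "__main__":
    for name, count in volume_by_threshold(SAMPLE).items():
        print(f"{SEVERITIES.index(name)} {name:<14} {count} of {len(SAMPLE)} lines")
```

Running it shows the volume side of the trade-off: each step up in threshold number passes everything the previous one did plus one more severity.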