Re: question about logging trap command

From: Ovidiu Neghina (o.neghina@gmail.com)
Date: Mon Feb 16 2009 - 05:43:37 ARST


Thank you Pavel for that.
Are you sure about your statement?
I have read again the usage guidelines for logging trap:
http://www.cisco.com/en/US/docs/ios/12_3/configfun/command/reference/cfr_1g04.html#wp1033213
Usage Guidelines
A trap is an unsolicited message sent to a remote network management
host. Logging traps should not be confused with SNMP traps (SNMP
logging traps require the use of the CISCO-SYSLOG-MIB, are enabled
using the snmp-server enable traps syslog command, and are sent using
the Simple Network Management Protocol.)
and the example shows that the logging host and logging trap are used
together - nothing about SNMP:
Examples
In the following example, system messages of levels 0 (emergencies)
through 5 (notifications) are sent to the host at 209.165.200.225:
Router(config)# logging host 209.165.200.225
Router(config)# logging trap notifications

I did some configuration and capturing of packets using Dynamips and
the capture feature on R4 for the following setup:
Rack1R4#sh run | i snmp|logg
logging buffered 6400 debugging
logging trap debugging
snmp-server community CISCO RO
snmp-server enable traps syslog
snmp-server host 155.1.146.1 version 2c CISCORO
 logging synchronous
Rack1R4#
On the Wireshark capture I see no SNMP traps going through the interface.

Then I played only with logging commands:
Option 1:
logging 155.1.146.1
logging trap informational - so no debug logs are sent to the station.

In the packet capture I saw the syslog informational packets. I did a
debug on the router and the debug logs were NOT sent to 155.1.146.1.

However, if I enabled
< logging trap debugging >
and then when I did a <debug ip packet>, on the capture I saw all the
logs sent through syslog (udp 514).

So conclusion for me is that <logging trap> has nothing to do with
SNMP but syslog only.

Br,
Ovidiu
On Sun, Feb 15, 2009 at 11:28 PM, Pavel Bykov <slidersv@gmail.com> wrote:
> Ovidiu,
> These are separate things.
> 1. logging x.x.x.x command sends SYSLOG messages using UDP/514
> 2. logging trap command is an auxiliary SNMP command (has to be used in
> conjunction with other SNMP commands) that sends local SYSLOG messages into
> SNMP traps and sends them using UDP/162
>
> On Sun, Feb 15, 2009 at 12:49 PM, Ovidiu Neghina <o.neghina@gmail.com>
> wrote:
>>
>> Hi
>> I have read the command reference for logging trap and I need your
>> opinion.
>> If we type < logging 223.1.9.100 > then the router will send by
>> default logs up to and including informational level.
>> I have a lab that asks for all log messages to be sent to server
>> 223.1.9.100. My understanding is that we should type:
>> < logging 223.1.9.100 >
>> and
>> <logging trap debugging >
>> to have all log messages sent to the server.
>>
>> The solution however shows only logging 223.1.9.100 which I believe
>> is incomplete.
>>
>> What do you think ?
>>
>> Br,
>> Ovidiu
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
> --
> Pavel Bykov
> ----------------
> Don't forget to help stopping the braindumps, use of which reduces value of
> your certifications. Sign the petition at http://www.stopbraindumps.com/
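
Added example (not part of the original thread or of Cisco's documentation): a Python check that decodes the syslog <PRI> header (facility * 8 + severity) of captured UDP/514 payloads and compares each severity with a `logging trap` level, as in the capture test described above. The sample payloads are constructed, the function names are hypothetical, and facility local7 (23) is assumed as the IOS default.

```python
import re

# Severity keywords accepted by `logging trap <level>`, index = syslog severity.
SEVERITIES = ["emergencies", "alerts", "critical", "errors",
              "warnings", "notifications", "informational", "debugging"]

PRI_RE = re.compile(rb"^<(\d{1,3})>")

def decode_pri(payload: bytes):
    """Return (facility, severity) from the <PRI> header of a syslog datagram."""
    m = PRI_RE.match(payload)
    if not m or int(m.group(1)) > 191:      # 23 * 8 + 7 is the largest valid PRI
        raise ValueError("no valid syslog PRI header")
    return divmod(int(m.group(1)), 8)

def passes_trap_level(payload: bytes, trap_level: str) -> bool:
    """True if this message is forwarded under `logging trap <trap_level>`."""
    _, severity = decode_pri(payload)
    return severity <= SEVERITIES.index(trap_level)

def audit_capture(payloads, trap_level):
    """Compare captured payloads with the configured level.

    Returns (set of severity names seen, payloads above the configured level).
    """
    seen, unexpected = set(), []
    for p in payloads:
        _, severity = decode_pri(p)
        seen.add(SEVERITIES[severity])
        if not passes_trap_level(p, trap_level):
            unexpected.append(p)
    return seen, unexpected

# Constructed IOS-style payloads: PRI 189/190/191 = local7 with severity 5/6/7.
SAMPLE = [
    b"<189>41: *Mar  1 00:10:02.115: %SYS-5-CONFIG_I: Configured from console by console",
    b"<190>42: *Mar  1 00:10:05.731: %EXAMPLE-6-INFO: constructed informational message",
    b"<191>43: *Mar  1 00:10:09.402: IP: s=155.1.146.4 (local), d=155.1.146.1, len 100, sending",
]

if __name__ == "__main__":
    for level in ("informational", "debugging"):
        seen, unexpected = audit_capture(SAMPLE, level)
        print(f"logging trap {level}: seen={sorted(seen)} "
              f"above-level={len(unexpected)}")
```

A debugging-severity payload (PRI 191) in a capture taken while the level is `informational` would show up in the second return value.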


This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:11 ARST