[rancid] cisco router logs
Alex DEKKER
me at ale.cx
Sat Nov 12 22:25:27 UTC 2011
shouldbe q931 wrote:
>>> I wondered if anyone had already written a script to extract the
>>> logs
>>> from a Cisco router and drop them into CVS
So in answer to the original question...you could add 'show log' to the
commandtable, or even 'show log | exclude IPACCESS' if you're not
interested in ACL hits.
> The situation is a small site with an ADSL connection that only has
> two desktops and no VPN back to the main site. I'd rather not have
> syslog traffic going over the Internet, hence the idea of
> "collecting"
> the log over an SSH connection.
You can actually encrypt remote logging:
http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_reliable_del_filter.html#wp1054565
but you might find it more straightforward to set up a VPN anyway as it
will have other uses. You will probably want to think about filtering
and/or rate-limiting syslog so that it doesn't overwhelm the either the
router or the upstream on the link.
alexd
More information about the Rancid-discuss
mailing list