[rancid] cisco router logs

Alex DEKKER me at ale.cx
Sat Nov 12 22:25:27 UTC 2011


shouldbe q931 wrote:

>>> I wondered if anyone had already written a script to extract the 
>>> logs
>>> from a Cisco router and drop them into CVS

So in answer to the original question...you could add 'show log' to the 
commandtable, or even 'show log | exclude IPACCESS' if you're not 
interested in ACL hits.

> The situation is a small site with an ADSL connection that only has
> two desktops and no VPN back to the main site. I'd rather not have
> syslog traffic going over the Internet, hence the idea of 
> "collecting"
> the log over an SSH connection.

You can actually encrypt remote logging:

http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_reliable_del_filter.html#wp1054565

but you might find it more straightforward to set up a VPN anyway as it 
will have other uses. You will probably want to think about filtering 
and/or rate-limiting syslog so that it doesn't overwhelm the either the 
router or the upstream on the link.

alexd


More information about the Rancid-discuss mailing list