Setting up Syslog on FreeBSD 9.1 for Cisco

Just a quick note on how to make a syslog server to collect Cisco logging messages. From a fresh installation of FreeBSD 9.1

1. Allow syslogd to accept connections from anywhere (I use an external firewall to limit access)

echo 'syslogd_flags="-a *:*"' >> /etc/rc.conf

2. Modify the syslogd configuration file to accept the messages from the Cisco devices

echo 'local7.*                                        /var/log/cisco/cisco.log' >> /etc/syslogd.conf

You can also stop duplicating the recored by adding “local7.none” to the following line (final result shown):

*.notice;local7.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err       /var/log/messages

3. Create the file structure for the messages

mkdir /var/log/cisco
touch /var/log/cisco/cisco.log
chmod 0600 /var/log/cisco/cisco.log

4. Restart the syslogd service

service syslogd restart
This entry was posted in Cisco, FreeBSD Administration and tagged , . Bookmark the permalink.

Leave a Reply