Just a quick note on how to make a syslog server to collect Cisco logging messages. From a fresh installation of FreeBSD 9.1
1. Allow syslogd to accept connections from anywhere (I use an external firewall to limit access)
echo 'syslogd_flags="-a *:*"' >> /etc/rc.conf
2. Modify the syslogd configuration file to accept the messages from the Cisco devices
echo 'local7.* /var/log/cisco/cisco.log' >> /etc/syslogd.conf
You can also stop duplicating the recored by adding “local7.none
” to the following line (final result shown):
*.notice;local7.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
3. Create the file structure for the messages
mkdir /var/log/cisco touch /var/log/cisco/cisco.log chmod 0600 /var/log/cisco/cisco.log
4. Restart the syslogd service
service syslogd restart