Sh Log

Hi Everyone,

Can anyone help me out with this? I've just set up some security features like ACL's for vty lines etc but when I #sh log after attempting a telnet no information is displayed? I get the following:

R1#sh log
Syslog logging: enabled (12 messages dropped, 0 messages rate-limited,
0 flushes, 0 overruns, xml disabled, filtering disabled)

No Active Message Discriminator.

No Inactive Message Discriminator.

Console logging: level debugging, 39 messages logged, xml disabled,
filtering disabled
Monitor logging: level debugging, 0 messages logged, xml disabled,
filtering disabled
Buffer logging: level debugging, 4 messages logged, xml disabled,
filtering disabled
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
Persistent logging: disabled

No active filter modules.

ESM: 0 messages dropped

Trap logging: level informational, 43 message lines logged

Log Buffer (4096 bytes):

But nothing under the Log Buffer section. I am expecting to see links going up and down in this section, systems restarts and my SEC-6-IPACCESSLOGS

How can I switch this stuff on?

Thanks

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

gecco

Please show us your config including the ACLs if you would.

Bundiman

do you have "log" at the end of each ace that you want to log? If not it wont matter what you have your logging level set at.

Master Of Puppets

Bundiman wrote: »

do you have "log" at the end of each ace that you want to log? If not it wont matter what you have your logging level set at.

Yup, the level doesn't matter, if you don't have the log keyword at the end of the statements. Have you tried to make any log configs?

alliasneo

Hi, yeah sure my config is:

R1#sh run
Building configuration...

Current configuration : 1111 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$nqiG$TQN1zOxSpOWLLA/1xlhve1
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
access-list 100 permit tcp host 10.0.0.2 host 10.0.0.1 eq telnet log
access-list 100 deny ip any any log
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
access-class 100 in
password telnet
login
!
!
end

but I still get this when I run a show log:

R1#sh log
Syslog logging: enabled (12 messages dropped, 0 messages rate-limited,
0 flushes, 0 overruns, xml disabled, filtering disabled)

No Active Message Discriminator.

No Inactive Message Discriminator.

Console logging: level debugging, 14 messages logged, xml disabled,
filtering disabled
Monitor logging: level debugging, 0 messages logged, xml disabled,
filtering disabled
Buffer logging: disabled, xml disabled,
filtering disabled
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
Persistent logging: disabled

No active filter modules.

ESM: 0 messages dropped

Trap logging: level informational, 18 message lines logged
R1#
R1#
R1#
R1#