Syslog/zh:修订间差异

来自Ubuntu中文
跳到导航跳到搜索
Lipeng8413留言 | 贡献
Dbzhang800留言 | 贡献
 
(未显示1个用户的5个中间版本)
第1行: 第1行:
{{Translation}}
#REDIRECT[[Quick HOWTO : Ap04 : syslog Configuration and Cisco Devices/zh]]
 
{{From|http://wiki.ubuntu.org.cn/Quick_HOWTO_:_Ap04_:_syslog_Configuration_and_Cisco_Devices}}
 
{{Translator|lipeng}}
 
{{Languages|Quick_HOWTO_:_Ap04_:_syslog_Configuration_and_Cisco_Devices}}
 
 
== 简介 ==
 
系统日志将设备local0~7保留用做从远程服务器和网络设施接收登录信息。路由器、交换机、防火墙和负载平衡设备每个都使用不同的设备来记录日志,它们每个都有自己的日志文件,这样可以便于排除故障。下面的例子将会教您怎样为每种设备设置不同的日志记录文件。
 
如果您有一个大的数据中心,可能您会按上述建议停止将所有记录写入/var/log/messages。在下面的所有网络设备配置文件例子中,我们会登录到上一章节已设置好的远程linux登录服务器192.168.1.100。
 
== Cisco 路由器 ==
 
默认设置下,思科路由器使用默认设备local7将日志信息发送到它们的日志服务器。在此例子中不要设置此默认设备,记得设置路由器,使日志内容包含时间戳和loopback接口的源IP地址
 
service timestamps log datetime localtime
no logging console
no logging monitor
logging 192.168.1.100
 
==运行CATOS的Catalyst CAT系列交换机==
 
默认设置下,思科交换机也会通过设备local7将日志信息发送给它们的日志服务器。请不要改变该设置,这样路由器和交换机都会将日志写入同一文件
set logging server enable
set logging server 192.168.1.100
set logging level all 5
set logging server severity 6
 
==Cisco本地导向器 ==
 
本地导向器利用syslog输出命令来设置它们的日志记录设备和严重度。设置值应按格式FF.SS(设施.严重度),使用表IV-1中的数字定义:
===Table IV-1 本地导向器的日志记录设备和严重度的数字定义===
 
<div align=center>
 
<table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0
style='border-collapse:collapse;border:none'>
  <tr style='page-break-inside:avoid'>
  <td valign=top style='border:inset #111111 1.0pt;background:green;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b><span
  style='color:white'>Facility</span></b></p>
  </td>
  <td valign=top style='border-top:inset #111111 1.0pt;border-left:none;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  background:green;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal align=center style='text-align:center'><b><span
  style='color:white'>FF Value</span></b></p>
  </td>
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal><b>&nbsp;</b></p>
  </td>
  <td valign=top style='border:inset #111111 1.0pt;border-left:none;
  background:green;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b><span
  style='color:white'>Severity</span></b></p>
  </td>
 
  <td valign=top style='border-top:inset #111111 1.0pt;border-left:none;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  background:green;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b><span
  style='color:white'>SS Value</span></b></p>
  </td>
  </tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local 0</b></p>
 
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>16</p>
  </td>
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal>System unusable</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>0</p>
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>1</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>17</p>
  </td>
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
 
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>Immediate action required</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>1</p>
  </td>
</tr>
 
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>2</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>18</p>
  </td>
 
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>Critical condition</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>2</p>
 
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>3</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>19</p>
 
  </td>
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>Error conditions</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal align=center style='text-align:center'>3</p>
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>4</b></p>
  </td>
 
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>20</p>
  </td>
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>Warning conditions</p>
 
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>4</p>
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>5</b></p>
 
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>21</p>
  </td>
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal>Normal but significant conditions</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>5</p>
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>6</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>22</p>
  </td>
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
 
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>Informational messages</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>6</p>
  </td>
</tr>
 
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>7</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>23</p>
  </td>
 
  <td valign=top style='border:none;border-right:inset #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>&nbsp;</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal>Debugging messages</p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>7</p>
 
  </td>
</tr>
</table>
 
</div>
 
这个例子使用设备local4和表IV-1中的日志调试信息。
syslog output 20.7
no syslog console
syslog host 192.168.1.100
 
==Cisco PIX 防火墙 ==
 
PIX防火墙使用表IV.2的数字定义来决定它们的日志记录设备。
===Table IV-2 Syslog Facility and Severity Numbering Scheme for PIX Firewalls===
 
<div align=center>
 
<table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0
style='border-collapse:collapse;border:none'>
  <tr style='page-break-inside:avoid'>
  <td valign=top style='border:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  background:green;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b><span
  style='color:white'>Facility</span></b></p>
  </td>
 
  <td valign=top style='border-top:inset #111111 1.0pt;border-left:none;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  background:green;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b><span
  style='color:white'>Logging Facility</span></b></p>
  <p class=MsoNormal align=center style='text-align:center'><b><span
  style='color:white'>Command Value</span></b></p>
  </td>
  </tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal align=center style='text-align:center'><b>local 0</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>16</p>
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
 
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>1</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>17</p>
  </td>
</tr>
<tr>
 
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>2</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>18</p>
  </td>
</tr>
 
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>3</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>19</p>
  </td>
 
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>4</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>20</p>
 
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>5</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>21</p>
 
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>6</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>22</p>
 
  </td>
</tr>
<tr>
  <td valign=top style='border-top:none;border-left:inset #111111 1.0pt;
  border-bottom:inset #111111 1.0pt;border-right:solid #111111 1.0pt;
  padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'><b>local </b><b>7</b></p>
  </td>
  <td valign=top style='border-top:none;border-left:none;border-bottom:inset #111111 1.0pt;
  border-right:solid #111111 1.0pt;padding:7.5pt 7.5pt 7.5pt 7.5pt'>
  <p class=MsoNormal align=center style='text-align:center'>23</p>
 
  </td>
</tr>
</table>
 
</div>
 
此配置案例中,假设日志服务器连接到“inside”保护接口。它将日志信息发送到local3,严重度为5(通知),这个严重度由logging trap命令设置
logging on
logging standby
logging timestamp
logging trap notifications
logging facility 19
logging host inside 192.168.1.100
 
==Cisco CSS11000 (Arrowpoints)==
 
配置思科CSS11000系列负载均衡器的方法更直接。
您只需要用logging host命令指定一数字来代表日志设备,然后用logging subsystem命令来设置严重度。此例子中CSS11000的日志设备为local6,严重度为6(信息)
logging host 192.168.1.100 facility 6
set logging subsystem all info-6
logging commands enable
 
==思科syslog.conf文件示例 ==
 
#
# All LOCAL3 messages (debug and above) go to the firewall file ciscofw
#
local3.debug /var/log/cisco/ciscofw
#
# All LOCAL4 messages  (debug and above) go to the Local Director file ciscold
#
local4.debug /var/log/cisco/ciscold
#
# All LOCAL6 messages  (debug and above) go to the CSS file ciscocss
#
local6.debug /var/log/cisco/ciscocss
#
# All LOCAL7 messages  (debug and above) go to the ciscoacl
# This includes ACL logs which are logged at severity debug
#
local7.debug /var/log/cisco/ciscoacl
#
# LOCAL7 messages  (notice and above) go to the ciscoinfo
# This excludes ACL logs which are logged at severity debug
#
local7.notice /var/log/cisco/ciscoinfo

2008年6月3日 (二) 15:44的最新版本