Download - SNMP Syslog
-
8/10/2019 SNMP Syslog
1/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
#$%i&&ing 'oday(s Infor 'omorrow(s
Cisco Networki
Syslog, SN)*
Vijay Bhuse, Ph.D.InstructorECPI University
Academy Co
-
8/10/2019 SNMP Syslog
2/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
SN)*
+ SN)* is an a&&lication layer &rotocol that &rovides a mes
format for comm%nication etween what are termed manaagents
+ Com&onents incl%de
+ SN)* manager
+ SN)* agent
+ )anagement Information -ase
-
8/10/2019 SNMP Syslog
3/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
SN)* )essages
+ et
+ Set
+ 'ra& / %nreliale
+ 'ra& SN)*v3 %ses AC / reliale
-
8/10/2019 SNMP Syslog
4/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
#lements of Sim&le Networ )anagement *ro
-
8/10/2019 SNMP Syslog
5/23 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
SN)* in !se for )onitoring the Networ
-
8/10/2019 SNMP Syslog
6/23 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
SN)* in !se for )onitoring the Networ
-
8/10/2019 SNMP Syslog
7/23 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
'he )anagement Information -ase )I-
+ )I- defines each variale as an o7ect I8 9I8
+ 9rgani:es the into a hierarchy of 9I8s, %s%ally shown as a tree
+ )I- for any device incl%des some ranches of the tree with varialesmany networing devices and ranches with variales s&ecific to that
+ Networing e$%i&ment vendors lie Cisco can define their own &rivatethe tree
http://libproxy.ecpi.edu:2555/9780133363289/gloss01http://libproxy.ecpi.edu:2555/9780133363289/gloss01 -
8/10/2019 SNMP Syslog
8/23 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
)I- tree
-
8/10/2019 SNMP Syslog
9/23 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
9taining )I- val%e with snm&get
-v2c 'he version on SN)* in %se
-c community'he SN)* &assword, called a comm%nity string
10.250.250.14'he I* address of the monitored device
1.3.6.1.4.1.9.2.1.58.0'he n%meric o7ect identifier 9I8 of the )I
-
8/10/2019 SNMP Syslog
10/23 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
Config%ring SN)*v2
'here are two ty&es of comm%nity strings in SN)* =ersion
+ Read-only (RO)> *rovides access to the )I- variales, %allow these variales to changed, only read. -eca%se sec%
wea in =ersion 2c, many organi:ations only %se SN)* in
only mode.
+ Read-write (RW)> *rovides read and write access to all o
)I-.
-
8/10/2019 SNMP Syslog
11/23 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
Config%ring SN)* =ersion 2c for ?ead/9nly Access
R1(config)# ip access-list standard ACL!"#$%C$&'(!
R1(config-std-nacl)#permit )ost 10.10.10.101
R1(config-std-nacl)#e*it
R1(config)# snmp-server community +011ey,11 "# ACL!
R1(config)# snmp-server location $ampa
R1(config)# snmp-server contact Ant)ony &e/ueira
R1(config)# end
R1#
-
8/10/2019 SNMP Syslog
12/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
Config%ring SN)* =ersion 2c for ?ead and @rite Acces
R2(config)# ip access-list standard ACL!"#$%C$&'(!
R2(config-std-nacl)#permit )ost 10.20.20.201
R2(config-std-nacl)# e*it
R2(config)# snmp-server community $3nn1s,ll " ACL!"#$
R2(config)# snmp-server location 'e or
R2(config)# snmp-server contact o)n &e/ueira
R2(config)# end
R2#
-
8/10/2019 SNMP Syslog
13/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
SN)*v3
+ Message integrity: 'his hel&s ens%re that a &acet has n
tam&ered with in transit+ Authentication:'his hel&s ens%re that the &acet came f
nown and tr%sted so%rce
+ Encryption: 'his hel&s to ens%re that information cannot
the data is ca&t%red in transit
-
8/10/2019 SNMP Syslog
14/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
*ossile Sec%rity modes of SN)*v3
-
8/10/2019 SNMP Syslog
15/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
Syslog
+ Syslog &ermits vario%s Cisco devices and some other non
devices to send their system messages across the netwoservers
+ o% can even %ild a s&ecial o%t/of/and 99- networ fo
&%r&ose
+ 'here are many different Syslog server software &acages
@indows and !NIB
-
8/10/2019 SNMP Syslog
16/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
*o&%lar destinations for syslog messages
+ 'he logging %ffer ?A) inside the ro%ter or switch
+ 'he console line
+ 'he terminal lines
+A syslog server
-
8/10/2019 SNMP Syslog
17/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
Syslogging in the Networ
-
8/10/2019 SNMP Syslog
18/23
2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networing Academy, !.S."Canada
System )essage ormat
+ A timestamp:D8ec 1; 16>10>14.06