Time
1 hour 43 minutes
Difficulty
Intermediate
CEU/CPE
2

Video Transcription

00:00
Hi, everyone, and welcome to the syslog demo.
00:03
As you can see, there are three devices that we'll be working on for this lab. We have Router 0 with an IP of 192.168.2.1,
00:12
Switch 0 with the IP of 192.168.2.5, and Server 0 with an IP of 192.168.2.10.
00:22
Before anything else, let's do a quick ping test to verify the connectivity between devices. So let's head towards Router 0.
00:33
All right,
00:36
so we go with enable, and let's ping the switch, 192.168.2.5.
00:48
All right,
00:50
And 192.168.2.10.
00:56
And there you have it.
00:58
Now let's begin with configuring syslog on Router 0.
01:02
It's a simple command. After you configure terminal,
01:07
the command would be logging host and the IP address of the server, which is 192.168.2.10.
01:17
This is the server that we'll be sending the logs to.
01:23
After you enter it, you can see that you're prompted that the logging host has started,
01:30
and if we go to the server,
01:34
let's check if there's anything sent over yet.
01:40
All right, let's look for this. Syslog is on, and you can see there
01:45
it's already receiving the first
01:47
logs.
01:51
It started basically.
01:53
Okay, let's add in a little bit more messages. So let's try
01:59
to debug ip icmp
02:04
and do another ping test to the server.
02:08
And as you can see there, it's displayed.
02:15
Now, let's see what happens when we try to shut off the interface.
02:20
So
02:21
let's try to
02:23
switch off
02:28
FastEthernet 0/0
02:30
and then shut off the port.
02:35
All right, so what does the log say?
02:39
You can see there that it's down,
02:46
which is also prompted as well on the device
02:47
where line protocol interface
02:51
FastEthernet 0/0 has changed state to down.
03:00
And when you switch it back up,
03:07
it will also be sent to the syslog server.
03:13
All right. Let's try to see the message a little bit better.
03:23
All right, there you go.
03:27
Changed state to up.
03:30
Changed state to down.
03:32
All right,
03:36
So, basically, what we've learned is that by enabling that single command, logging host and the IP address of the syslog server,
03:44
is displaying all severity levels within a device.
03:49
If you wanted to filter out the messages a little better, you can definitely do that with a command using logging trap
03:55
and the severity level number. For example, for critical, you could put logging trap 2,
04:02
or basically logging trap critical
04:10
So enter the command here:
04:13
logging trap
04:15
2
04:17
or
04:18
logging trap
04:21
critical.
04:27
So I'm sure some of you have noticed something a little bit off with the syslog messages, which is that the time keeps saying January 1st. So how are we able to solve this? There are two ways, actually, which are configuring the time manually on the device or through NTP, or Network Time Protocol.
04:46
Let's configure a manual time on Switch 0 and then
04:49
NTP configuration.
04:54
Let's start by configuring the manual time on Switch 0, and then we'll head over to Router 0 for NTP configuration.
05:01
So let's close off Router 0 for the meantime,
05:05
open up Switch 0.
05:08
Since we haven't configured anything yet on Switch 0, let's start that now.
05:14
configure terminal
05:16
logging host 192.168.2.10. But before that, let's clear the logs to have a better
05:26
view of Switch 0's logs.
05:30
All right.
05:35
And then let's configure the time manually. So now it is 1:15,
05:46
24 October 2019.
05:50
All right, let's see what happens. Let's debug here as well
05:56
and do a ping test to the server,
05:59
.2.10.
06:01
All right. We only need to refresh this, and there you go.
06:05
All right.
06:08
You can see, from the switch, .2.5,
06:13
it's capturing the logs.
06:16
However, you can see the time still maintains that January 1st.
06:19
So what else have we forgotten?
06:25
Which is service
06:27
timestamps
06:29
log
06:30
datetime and milliseconds. Let me double-check I've not missed anything out. Okay, since that's the only command for this simulator, let's enter that.
06:46
All right. And then let's do another ping test
06:51
to .2.10.
06:55
Let's refresh it here.
07:00
And there you have it.
07:02
Let's
07:04
check the time.
07:06
So the time seemed to
07:11
go down this same. All right, so you can see that
07:15
time has changed
07:17
October 24th
07:20
as you've manually configured.
07:24
So the only thing missing earlier was just the service timestamps.
07:29
This command basically
07:32
includes the time to be sent to the syslog server.
07:42
And always remember, after a new configuration, do keep a copy and save your new configurations with just copy run start or copy running-config startup-config.
07:57
Just copy running-config
07:59
startup-
08:01
config.
08:03
Either way would work well.
08:07
All right, let's start configuring for NTP on Router 0. So let's close up Switch 0,
08:15
clear the log here,
08:18
and let's head over to Router 0.
08:22
This one's a little bit different, so you'll have to configure
08:26
NTP server.
08:30
For this example, our syslog server will also be our NTP server,
08:35
so just double check that it's on. Yes, it is at the time now and at this date.
08:43
Okay, all set. All good.
08:46
Let's continue with the configurations for Router 0. Just ntp server
08:52
192.168.2.10.
08:56
All right, so if we were to use show clock here,
09:01
you could see the time now, as it is matching with the server,
09:07
which is nine. Right?
09:11
So
09:13
Okay,
09:16
let's do another ping test.
09:26
All right, let's manually refresh this,
09:30
and again with the switch.
09:33
Similarly, with the switch, I should see
09:35
we'll have to add in the service timestamps log
09:41
datetime, and
09:46
let's do another ping test.
09:52
Refresh the syslog.
09:54
And there you have it
09:58
updated
10:00
syslogs, which is definitely more accurate.
10:07
And remember to always, always save
10:13
your configurations.
10:18
And we're done with the syslog demo. Thank you, everyone. Let's head over to our next module, which is about NetFlow.

Up Next

Network Operational Management

This course is designed to help network specialists understand the responsibilities and best practices involved with monitoring and managing network operations.

Instructed By

Sheane Jayne
Network Engineer
Instructor