GarrettCom MNS-6K-SECURE 14.1.4 Switch User Manual


 
MAGNUM 6K SWITCHES, MNS-6K USER GUIDE
Once port security is set up, it is important to manage and review the log often. If the
signals are sent to the trap receiver, the traps should also be reviewed for intrusion and other
infractions.
Syslog and Logs
Logs are available on MNS-6K as well as MNS-6K-SECURE. Syslog functionality
is a feature of MNS-6K-SECURE.
All events occurring on the Magnum 6K family of switches are logged. These logs comply
with the definitions of RFC 3164, though not all the nuances of syslog are
implemented as specified by the RFC. What is done with each individual message depends,
to quote the RFC, on individual companies' policies:
“An administrator may want to have all messages stored locally as well
as to have all messages of a high severity forwarded to another
device. They may find it appropriate to also have messages from a
particular facility sent to some or all of the users of the device and
displayed on the system console.
However the administrator decides to configure the disposition of the
event messages, the process of having them sent to a syslog collector
generally consists of deciding which facility messages and which
severity levels will be forwarded, and then defining the remote
receiver. For example, an administrator may want all messages that
are generated by the mail facility to be forwarded to one particular
event message collector. Then the administrator may want to have all
kernel generated messages sent to a different syslog receiver while,
at the same time, having the critically severe messages from the
kernel also sent to a third receiver. It may also be appropriate to
have those messages displayed on the system console as well as being
mailed to some appropriate people, while at the same time, being sent
to a file on the local disk of the device. Conversely, it may be
appropriate to have messages from a locally defined process only
displayed on the console but not saved or forwarded from the device.
In any event, the rules for this will have to be generated on the
device. Since the administrators will then know which types of
messages will be received on the collectors, they should then make
appropriate rules on those syslog servers as well.” – RFC 3164
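The facility and severity forwarding described in the RFC passage above, as an added Python example (not code from the manual or from MNS-6K): it decodes the RFC 3164 PRI value of each message and applies a rule table modeled on the RFC's mail/kernel scenario. The destination names, the rule table and the sample messages are constructed assumptions.

```python
import re

# Facility and severity codes from RFC 3164 (conventional short names).
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert",
              "clock"] + [f"local{i}" for i in range(8)]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)

def decode(line):
    """Return (facility, severity, rest) for one RFC 3164 message."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:
        # RFC 3164 section 4.3.3: missing or unidentifiable PRI is treated as 13
        # (user.notice) and the whole packet becomes the message content.
        return "user", "notice", line
    fac, sev = divmod(int(m.group(1)), 8)   # PRI = facility * 8 + severity
    return FACILITIES[fac], SEVERITIES[sev], m.group(2)

# Constructed rule table mirroring the RFC's example: (facility or None for any,
# least severe level still forwarded, destination). Destination names are hypothetical.
RULES = [
    ("mail", "debug", "collector-a"),   # every mail message
    ("kern", "debug", "collector-b"),   # every kernel message
    ("kern", "crit", "collector-c"),    # kernel messages at crit or worse
    (None, "debug", "local-file"),      # everything is also kept locally
]

def route(line, rules=RULES):
    """List every destination whose rule matches the message."""
    fac, sev, _ = decode(line)
    rank = SEVERITIES.index(sev)           # lower rank means more severe
    return [dest for f, floor, dest in rules
            if f in (None, fac) and rank <= SEVERITIES.index(floor)]

# Constructed sample messages, not captured from a switch.
SAMPLES = [
    "<2>Jan  5 10:15:02 host1 kernel: temperature threshold exceeded",
    "<6>Jan  5 10:15:03 host1 kernel: link up on port 3",
    "<22>Jan  5 10:15:04 host2 sendmail: message queued",
    "<999>Jan  5 10:15:05 host3 app: PRI out of range",
    "no PRI at all",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(decode(s)[:2], "->", route(s))
```

A message can match several rules at once, which is how the critical kernel message reaches two collectors and the local file.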
The events can be as shown below