As i understand, has two way to monitor Switch/router.... use logging trap and use log snmp trap
1. THe first step: Configure logging trap on switch, it look as
Router(config)#Logging trap (trap level)
Router(config)#Logging host (Splunk Server) transport (tcp | udp) port (514)
Router(config)#Logging on
the Second step: setup Splunk to listen on port 514 (default), This way has success fully
But now my boss request me configure use snmp.
2. The first step, Configure use SNMP on router,switch it look as
Router(config)#snmp-server community (string) ro
Router(config)#snmp-server host (Splunk server) version (1,2,3) (string)
Router(config)#snmp-server enable trap snmp
the Second step, On Splunk i dont know what i do to get log trap from Router or switch. Can you help me do this tep?
If you has other way, can you recommend and write step by step to me. Thank you very much!
... View more