Sending log messages from your Cisco network equipment to a centralized syslog server is a fairly normal activity. Most of the time, this setup works fine and there's no reason to do anything out of the ordinary. Occasionally though, you might need to run a debugging session over an extended period of time, and the log buffer might not be sufficient to store the debug messages you are hoping to catch. By default, debug output is not sent to syslog.
Syslog messages come in 8 severity levels ranging from emergencies (most severe) to debugging (least severe). By default, Cisco IOS sends all messages of informational (severity 6) and above to the syslog server. That means that everything but debugging output is stored in your central location, and that's usually OK. If you need to store the debugging output for later research, you have to send debugging output too.
To change the minimum severity level that is sent to syslog, use the logging trap
configuration command. In order to send debugging output to the syslog server, issue logging trap debugging
at the configuration prompt.
It's important to remember the effect that logging has on the device. If you are sending too much logging information to the syslog server, it can effect the performance of the network, in addition to the performance of the router or switch. If the debugging output is going to be voluminous, use this command with great care and attention.
When you are ready to stop sending debugging output to your syslog server, use the logging trap informational
configuration command. The no
version of the logging trap
configuration command turns off syslogging, and this is definitely not what you want.