Cisco SF/SG 200 & 300 Series Switches

This guide outlines the steps for enabling system logs on your Cisco SF/SG 200 & 300 Series Managed Switches and forwarding them to Log Collector.

Log in to the web configuration utility and choose Administration > System Log > Log Settings. The System Logs Settings page opens:

In the Logging field, check the Enable check box to enable system logs.
(Optional) In the Syslog Aggregator field, check the Enable check box to enable syslog aggregator. A Syslog Aggregator adds identical and contiguous syslog messages and traps according to the specific Max Aggregation Time value and sends it in a single message.
If syslog aggregator is enabled, in the Max Aggregation Time field, enter the time in seconds the syslog aggregator will accumulate syslog messages to be sent as a single message.
The switch keeps information about its events in two places: in RAM memory, and in Flash memory. Under RAM Memory Logging and Flash Memory Logging, check the appropriate check boxes respectively:
• Emergency — The system is not usable.
• Alert — Action is needed.
• Critical — System is in critical condition.
• Error — A system error has occurred.
• Warning — A current or potential system condition has generated a warning.
• Notice — The system is functioning properly, but a system notice has been generated.
• Informational — General system and functional information.
• Debug — Provides extremely detailed information about system events.
Click Apply.

1. Log in to the web configuration utility and choose Administration > system log > Remote Log Servers. The Remote Log Server page opens:

Click Add to set up a remote log server. The Add Remote Log Server window appears.

• By Name — The log server is defined with a name.

• By IP Address — The log server is defined with an IP address.

In the IP Version field, click Version 6 or Version 4 as the type of IP address of the Log server.
If Version 6 is chosen as the IP address in Step 4, in the IPv6 address type, click one of the following radio buttons:
• Link Local — An IPv6 address that only identifies hosts on a single network link.
• Global — an IPv6 address that is reachable from other networks.
If Link Local is chosen as the IPv6 address type in Step 5, in the Link Local Interface drop-down list, choose the appropriate interface.
In the Log Server IP address/Name field, enter the appropriate IP address or name that identifies the Log Collector.
In the Facility drop-down list, choose the facility value from which the log messages are sent to the remote server. The facility value indicates where the system log message originated from.
(Optional) In the Description field, enter a description of the log server.
n the Minimum Severity drop-down list, choose the minimum severity level of the system log messages that are sent to the server. The severity level indicates the type of log message.
Click Apply.

This guide outlines the steps for enabling system logs on your Cisco SF/SG 200 & 300 Series Managed Switches and forwarding them to Log Collector.

Log in to the web configuration utility and choose Administration > System Log > Log Settings. The System Logs Settings page opens:

In the Logging field, check the Enable check box to enable system logs.
(Optional) In the Syslog Aggregator field, check the Enable check box to enable syslog aggregator. A Syslog Aggregator adds identical and contiguous syslog messages and traps according to the specific Max Aggregation Time value and sends it in a single message.
If syslog aggregator is enabled, in the Max Aggregation Time field, enter the time in seconds the syslog aggregator will accumulate syslog messages to be sent as a single message.
The switch keeps information about its events in two places: in RAM memory, and in Flash memory. Under RAM Memory Logging and Flash Memory Logging, check the appropriate check boxes respectively:
• Emergency — The system is not usable.
• Alert — Action is needed.
• Critical — System is in critical condition.
• Error — A system error has occurred.
• Warning — A current or potential system condition has generated a warning.
• Notice — The system is functioning properly, but a system notice has been generated.
• Informational — General system and functional information.
• Debug — Provides extremely detailed information about system events.
Click Apply.

1. Log in to the web configuration utility and choose Administration > system log > Remote Log Servers. The Remote Log Server page opens:

Click Add to set up a remote log server. The Add Remote Log Server window appears.

• By Name — The log server is defined with a name.

• By IP Address — The log server is defined with an IP address.

In the IP Version field, click Version 6 or Version 4 as the type of IP address of the Log server.
If Version 6 is chosen as the IP address in Step 4, in the IPv6 address type, click one of the following radio buttons:
• Link Local — An IPv6 address that only identifies hosts on a single network link.
• Global — an IPv6 address that is reachable from other networks.
If Link Local is chosen as the IPv6 address type in Step 5, in the Link Local Interface drop-down list, choose the appropriate interface.
In the Log Server IP address/Name field, enter the appropriate IP address or name that identifies the Log Collector.
In the Facility drop-down list, choose the facility value from which the log messages are sent to the remote server. The facility value indicates where the system log message originated from.
(Optional) In the Description field, enter a description of the log server.
n the Minimum Severity drop-down list, choose the minimum severity level of the system log messages that are sent to the server. The severity level indicates the type of log message.
Click Apply.

Reference: