Provide steps to view log entries with syslog.

In this activity, you will use Packet Tracer to view network data generated by syslog, AAA, and
NetFlow.

---

Step 1. The syslog Server
Syslog is a messaging system designed to support remote logging. Syslog clients send log
entries to a syslog server. The syslog server concentrates and stores log entries. Packet Tracer
supports basic syslog operations and can be used for demonstration. The network includes
a syslog server and syslog clients. R1, R2, Core Switch, and the Firewall are syslog clients.
These devices are configured to send their log entries to the syslog server. The syslog server
collects the log entries and allows them to be read.
Log entries are categorized by eight severity levels. Lower levels represent more serious

events. The levels are: emergencies (0), alerts (1), critical (2), errors (3), warnings (4), notifica-
tions (5), informational (6), and debugging (7). Syslog clients can be configured to ship log

entries to syslog servers based on the severity level.
a. Click the Syslog Server to open its window.
b. Select the Services tab and select SYSLOG from the list of services shown on the left.
c. Click On to turn on the Syslog service.
d. Syslog entries coming from syslog clients will be shown in the window on the right.

Currently, there are no entries.

e. Keep this window open and visible and move on to Step 2.
Step 2. Enable Syslog.
The devices are already configured to send log messages to the syslog server, but Packet
Tracer only supports the logging for the debugging severity level with syslog. Because of
that, we must generate debug level messages (level 7) so they can be sent to the syslog server.
a. Click the R1 > CLI tab.
b. Press Enter to get a command prompt and enter the command enable.
c. Enter the command debug eigrp packets to enable EIGRP debugging. The command

line console will immediately fill with debug messages.

d. Return to the Syslog Server window. Verify that log entries appear on the syslog server.
e. After a few messages have been logged, click the radio button to turn the syslog service

Off.
What is some of the information that is included in the syslog messages that are being
displayed by the Syslog Server?
Example message: EIGRP: Sending HELLO on GigabitEthernet0/0 AS 1, Flags 0x0, Seq
10/0 idbQ 0/0 iidbQ un/rely 0/0 Some of the information is the type of EIGRP packet

(HELLO), the interface that received the packet, the EIGRP autonomous system num-
ber, timestamp for the message and the source of the message. Details will vary.

f. Close the R1 device window.