1.
What are the popular destinations for Syslog messages to be saved?
Correct Answer(s)
B. The logging buffer RAM
C. The console terminal
E. Syslog server
Explanation
By default, switches send the output from system messages and debug privileged EXEC commands to a logging process. The logging process controls the distribution of logging messages to various destinations, such as the logging buffer (on RAM), terminal lines (console terminal), or a UNIX syslog server, depending on your configuration. The process also sends messages to the console.
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/swlog.html#wp1024032)
Note: Syslog messages can be written to a file in Flash memory although it is not a popular place to use. We can configure this feature with the command logging file flash:filename.
2.
Syslog was configured with a level 3 trap. Which 3 types of logs would be generated (choose four)
Correct Answer(s)
A. Emergencies
B. Alerts
C. Errors
E. Critical
Explanation
The Message Logging is divided into 8 levels as listed below:
Level Keyword Description
0 emergencies System is unusable
1 alerts Immediate action is needed
2 critical Critical conditions exist
3 errors Error conditions exist
4 warnings Warning conditions exist
5 notification Normal, but significant, conditions exist
6 informational Informational messages
7 debugging Debugging messages
The highest level is level 0 (emergencies). The lowest level is level 7. If you specify a level with the “logging console level” command, that level and all the higher levels will be displayed. For example, by using the “logging console warnings” command, all the logging of emergencies, alerts, critical, errors, warnings will be displayed.
In this question level 3 trap is configured so Emergencies, Alerts, critical and Errors messages are displayed. Although this question only requires to choose 3 correct answers but maybe something is missing here.
3.
Which three statements about Syslog utilization are true? (Choose three)
Correct Answer(s)
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
F. A Syslog server helps in aggregation of logs and alerts.
Explanation
Syslog is a protocol used for message logging, allowing devices to send log messages to a centralized server. The given answer states that a Syslog server provides storage space for log files without using router disk space. This is true because the log files are stored on the server, reducing the burden on the router's storage. The answer also mentions that there are more Syslog messages available within Cisco IOS than SNMP trap messages. This is true as Syslog offers a wider range of log messages for monitoring and troubleshooting. Additionally, a Syslog server helps in aggregating logs and alerts, allowing for centralized management and analysis of log data.
4.
What command instructs the device to timestamp Syslog debug messages in milliseconds?
Correct Answer
B. Service timestamps debug datetime msec
Explanation
The “service timestamps debug” command configures the system to apply a time stamp to debugging messages. The time-stamp format for datetime is MMM DD HH:MM:SS, where MMM is the month, DD is the date, HH is the hour (in 24-hour notation), MM is the minute, and SS is the second. With the additional keyword msec, the system includes milliseconds in the time stamp, in the format HH:DD:MM:SS.mmm, where .mmm is milliseconds
(Reference: http://www.cisco.com/c/en/us/td/docs/ios/fundamentals/command/reference/cf_book/cf_r1.html#wp1030116)
5.
What is the default Syslog facility level?
Correct Answer
D. Local7
Explanation
The default Syslog facility level is local7.
6.
What levels will be trapped if the administrator executes the commandrouter(config)# logging trap 4
Correct Answer(s)
A. Emergency
C. Alert
D. Error
E. Warning
Explanation
The Message Logging is divided into 8 levels as listed below:
Level Keyword Description
0 emergencies System is unusable
1 alerts Immediate action is needed
2 critical Critical conditions exist
3 errors Error conditions exist
4 warnings Warning conditions exist
5 notification Normal, but significant, conditions exist
6 informational Informational messages
7 debugging Debugging messages
If you specify a level with the “logging trap level” command, that level and all the higher levels will be logged. For example, by using the “logging trap 4″ command, all the logging of emergencies, alerts, critical, errors, warnings will be logged.
7.
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three)
Correct Answer(s)
B. Emergency
D. Critical
F. Error
Explanation
The command "logging trap 3" on a router sets the logging level to 3, which means that messages with severity levels of 0 to 3 will be sent to the Syslog server. The severity levels are as follows: 0 (emergency), 1 (alert), 2 (critical), 3 (error), 4 (warning), 5 (notification), 6 (informational), and 7 (debug). Therefore, the three message types that will be sent to the Syslog server are emergency, critical, and error.