SlideShare a Scribd company logo

25.3.11 packet tracer logging from multiple sources

Freddy Buenaño
Freddy Buenaño

REDES

Engineering
1 of 5
Download to read offline
© 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 5 www.netacad.com LABORATORIO 25.3.11 Nombre: Rafael Buenaño Semestre: 9no B Packet Tracer - Logging from Multiple Sources Objectives Part 1: Use syslog to capture log files from multiple network devices Part 2: Observe AAA user access logging Part 3: Observe NetFlow information Background / Scenario In this activity, you will use Packet Tracer to view network data generated by syslog, AAA, and NetFlow. Instructions Part 1: View Log Entries with Syslog Step 1: The syslog Server Syslog is a messaging system designed to support remote logging. Syslog clients send log entries to a syslog server. The syslog server concentrates and stores log entries. Packet Tracer supports basic syslog operations and can be used for demonstration. The network includes a syslog server and syslog clients. R1, R2, Core Switch, and the Firewall are syslog clients. These devices are configured to send their log entries to the syslog server. The syslog server collects the log entries and allows them to be read. Log entries are categorized by seven severity levels. Lower levels represent more serious events. The levels are: emergencies (0), alerts (1), critical (2), errors (3), warnings (4), notifications (5), informational (6), and debugging (7). Syslog clients can be configured to ship log entries to syslog servers based on the severity level. a. Click the Syslog Server to open its window. b. Select the Services tab and select SYSLOG from the list of services shown on the left. c. Click On to turn on the Syslog service. d. Syslog entries coming from syslog clients will be shown in the window on the right. Currently, there are no entries. e. Keep this window open and visible and move on to Step 2.
Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 5 www.netacad.com Step 2: Enable Syslog. The devices are already configured to send log messages to the syslog server, but Packet Tracer only supports the logging for the debugging severity level with syslog. Because of that, we must generate debug level messages (level 7) so they can be sent to the syslog server. a. Click R1 > CLI tab. b. Press Enter to get a command prompt and enter the command enable. c. Enter the command debug eigrp packets to enable EIGRP debugging. The command line console will immediately fill with debug messages. d. Return to the Syslog Server window. Verify that log entries appear on the syslog server. e. After a few messages have been logged, click the radio button to turn the syslog service Off. Question: What is some of the information that is included in the syslog messages that are being displayed by the Syslog Server?
Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 5 www.netacad.com f. Close the R1 device window. Part 2: Log User Access Another important type of log relates to user access. Having records of user logins is crucial for troubleshooting and traffic analysis. Cisco IOS supports Authentication, Authorization and Accounting (AAA). With AAA, it is possible not only to delegate the user validation task to an external server but also to log activities. TACACS+ is a protocol designed to allow remote authentication through a centralized server. Packet Tracer offers basic AAA and TACACS+ support. R2 is also configured as a TACACS+ server. R2 will ask the server if that user is valid by verifying username and password, and grant or deny access based on the response. The server stores user credentials and is also able to log user login transactions. Follow the steps below to log in to R2 and display the log entries related to that login: a. Click the Syslog Server to open its window. b. Select the Desktop tab and select AAA Accounting. Leave this window open. c. Click R2 > CLI. d. Press Enter to get a command prompt. R2 will ask for username and password before granting access to its CLI. Enter the following user credentials: analyst and cyberops as the username and password, respectively. e. Return to the Syslog Server’s AAA Accounting Records window.
Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 5 www.netacad.com Question: What information is in the log entry? Se encuentra la hora y la fecha, el usuario, el llamante Id, el indicador= inicio, la IP de donde se inicio, el Puerto del inicio f. On R2, enter the logout command. Question: What happened in the AAA Accounting window? Se encuentra la hora y la fecha, el usuario, el llamante Id, el indicador= paro, la IP de donde se inicio, el Puerto del inicio Part 3: NetFlow and Visualization In the topology, the Syslog server is also a NetFlow collector. The firewall is configured as a NetFlow exporter. a. Click the Syslog Server to bring up its window. Close the AAA Accounting Records window. b. From the Desktop tab, select Netflow Collector. The NetFlow collector services should be turned on. c. From any PC, ping the Corp Web Server at 209.165.200.194. After a brief delay, the pie chart will update to show the new traffic flow.
Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 5 www.netacad.com Note: The pie charts displayed will vary based on the traffic on the network. Other packets flows, such as EIGRP-related traffic, are being sent between devices. NetFlow is capturing these packets and exporting statistics to the NetFlow Collector. The longer NetFlow is allowed to run on a network, the more traffic statistics will be captured. Reflection While the tools presented in this activity are useful, each one has its own service and may need to run on totally different devices. A better way, explored later in the course, is to have all the logging information be concentrated under one tool, allowing for easy cross-reference and powerful search capabilities. Security information and event management (SIEM) platforms can gather log files and other information from diverse sources and integrate the information for access by a single tool. End of document

Recommended

25.3.10 packet tracer explore a net flow implementation
25.3.10 packet tracer explore a net flow implementation25.3.10 packet tracer explore a net flow implementation
25.3.10 packet tracer explore a net flow implementationFreddy Buenaño
 
Example of dfd with answer
Example of dfd with answerExample of dfd with answer
Example of dfd with answerMahmoud Bakeer
 
Laporan membuat 2 router 6 switch dan 12 pc
Laporan membuat 2 router 6 switch dan 12 pcLaporan membuat 2 router 6 switch dan 12 pc
Laporan membuat 2 router 6 switch dan 12 pc261927
 
VLAN
VLANVLAN
VLANAlberto Jimenez
 
Keamanan Sistem Operasi Linux
Keamanan Sistem Operasi LinuxKeamanan Sistem Operasi Linux
Keamanan Sistem Operasi Linuxiqbal akil
 
Multiprosesor dan multikomputer
Multiprosesor dan multikomputerMultiprosesor dan multikomputer
Multiprosesor dan multikomputersmiledianita
 
Digital electronics lab
Digital electronics labDigital electronics lab
Digital electronics labswatymanoja
 
Subnetting Presentation
Subnetting PresentationSubnetting Presentation
Subnetting PresentationTouhidul Fahim
 

Recommended

25.3.10 packet tracer explore a net flow implementation
25.3.10 packet tracer explore a net flow implementation25.3.10 packet tracer explore a net flow implementation
25.3.10 packet tracer explore a net flow implementationFreddy Buenaño
 
Example of dfd with answer
Example of dfd with answerExample of dfd with answer
Example of dfd with answerMahmoud Bakeer
 
Laporan membuat 2 router 6 switch dan 12 pc
Laporan membuat 2 router 6 switch dan 12 pcLaporan membuat 2 router 6 switch dan 12 pc
Laporan membuat 2 router 6 switch dan 12 pc261927
 
VLAN
VLANVLAN
VLANAlberto Jimenez
 
Keamanan Sistem Operasi Linux
Keamanan Sistem Operasi LinuxKeamanan Sistem Operasi Linux
Keamanan Sistem Operasi Linuxiqbal akil
 
Multiprosesor dan multikomputer
Multiprosesor dan multikomputerMultiprosesor dan multikomputer
Multiprosesor dan multikomputersmiledianita
 
Digital electronics lab
Digital electronics labDigital electronics lab
Digital electronics labswatymanoja
 
Subnetting Presentation
Subnetting PresentationSubnetting Presentation
Subnetting PresentationTouhidul Fahim
 
Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNET
Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNETTutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNET
Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNETDavid Adi Nugroho
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnettingIGZ Software house
 
Subnetting made simple
Subnetting made simpleSubnetting made simple
Subnetting made simpleWamuyu Murakaru
 
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...I Putu Hariyadi
 
Subnetting class
Subnetting classSubnetting class
Subnetting classFTC
 
Array dan Pointer
Array dan PointerArray dan Pointer
Array dan PointerDiana Anggraini
 
Triggering devices
Triggering devicesTriggering devices
Triggering devicesRCC Institute of Information Technology
 
CFG dan PARSING - P 5 - Teknik Kompilasi
CFG dan PARSING - P 5 - Teknik KompilasiCFG dan PARSING - P 5 - Teknik Kompilasi
CFG dan PARSING - P 5 - Teknik Kompilasiahmad haidaroh
 
elevator problem.pdf
elevator problem.pdfelevator problem.pdf
elevator problem.pdfJayaprasanna4
 
Lesson 2: Subnetting basics
Lesson 2: Subnetting basicsLesson 2: Subnetting basics
Lesson 2: Subnetting basicsMahmmoud Mahdi
 
Ip addressing classful
Ip addressing classfulIp addressing classful
Ip addressing classfulAbhishek Kesharwani
 
Subnet calculation Tutorial
Subnet calculation TutorialSubnet calculation Tutorial
Subnet calculation TutorialRitu Ranjan Shrivastwa
 
Introduction state machine
Introduction state machineIntroduction state machine
Introduction state machineShreyans Pathak
 
Materi 3 Finite State Automata
Materi 3 Finite State AutomataMateri 3 Finite State Automata
Materi 3 Finite State Automataahmad haidaroh
 
Dfd examples
Dfd examplesDfd examples
Dfd examplespatel chirantan
 
Static Routing
Static RoutingStatic Routing
Static RoutingKishore Kumar
 
melay and moore machine.pptx
melay and moore machine.pptxmelay and moore machine.pptx
melay and moore machine.pptxssuser1b2fab
 
State Diagrams
State DiagramsState Diagrams
State DiagramsVaidik Trivedi
 
Software engineering a practitioners approach 8th edition pressman solutions ...
Software engineering a practitioners approach 8th edition pressman solutions ...Software engineering a practitioners approach 8th edition pressman solutions ...
Software engineering a practitioners approach 8th edition pressman solutions ...Drusilla918
 
Digital Logic & Design (DLD) presentation
Digital Logic & Design (DLD) presentationDigital Logic & Design (DLD) presentation
Digital Logic & Design (DLD) presentationfoyez ahammad
 
CCNAv5 - S4: Chapter8 monitoring the network
CCNAv5 - S4: Chapter8 monitoring the networkCCNAv5 - S4: Chapter8 monitoring the network
CCNAv5 - S4: Chapter8 monitoring the networkVuz Dở Hơi
 
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...Protect724manoj
 

More Related Content

What's hot

Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNET
Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNETTutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNET
Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNETDavid Adi Nugroho
 
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...I Putu Hariyadi
 
Subnetting class
Subnetting classSubnetting class
Subnetting classFTC
 
CFG dan PARSING - P 5 - Teknik Kompilasi
CFG dan PARSING - P 5 - Teknik KompilasiCFG dan PARSING - P 5 - Teknik Kompilasi
CFG dan PARSING - P 5 - Teknik Kompilasiahmad haidaroh
 
elevator problem.pdf
elevator problem.pdfelevator problem.pdf
elevator problem.pdfJayaprasanna4
 
Lesson 2: Subnetting basics
Lesson 2: Subnetting basicsLesson 2: Subnetting basics
Lesson 2: Subnetting basicsMahmmoud Mahdi
 
Introduction state machine
Introduction state machineIntroduction state machine
Introduction state machineShreyans Pathak
 
Materi 3 Finite State Automata
Materi 3 Finite State AutomataMateri 3 Finite State Automata
Materi 3 Finite State Automataahmad haidaroh
 
melay and moore machine.pptx
melay and moore machine.pptxmelay and moore machine.pptx
melay and moore machine.pptxssuser1b2fab
 
Software engineering a practitioners approach 8th edition pressman solutions ...
Software engineering a practitioners approach 8th edition pressman solutions ...Software engineering a practitioners approach 8th edition pressman solutions ...
Software engineering a practitioners approach 8th edition pressman solutions ...Drusilla918
 
Digital Logic & Design (DLD) presentation
Digital Logic & Design (DLD) presentationDigital Logic & Design (DLD) presentation
Digital Logic & Design (DLD) presentationfoyez ahammad
 

What's hot (20)

Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNET
Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNETTutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNET
Tutorial Packet Tracer NAT DHCP DNS Web Server FTP Email NTP SSH TELNET
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
 
Subnetting made simple
Subnetting made simpleSubnetting made simple
Subnetting made simple
 
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...
Pembahasan Solusi Perhitungan VLSM untuk Lab 11.9.3 Packet Tracer - VLSM Desi...
 
Subnetting class
Subnetting classSubnetting class
Subnetting class
 
Array dan Pointer
Array dan PointerArray dan Pointer
Array dan Pointer
 
Triggering devices
Triggering devicesTriggering devices
Triggering devices
 
CFG dan PARSING - P 5 - Teknik Kompilasi
CFG dan PARSING - P 5 - Teknik KompilasiCFG dan PARSING - P 5 - Teknik Kompilasi
CFG dan PARSING - P 5 - Teknik Kompilasi
 
elevator problem.pdf
elevator problem.pdfelevator problem.pdf
elevator problem.pdf
 
Lesson 2: Subnetting basics
Lesson 2: Subnetting basicsLesson 2: Subnetting basics
Lesson 2: Subnetting basics
 
Ip addressing classful
Ip addressing classfulIp addressing classful
Ip addressing classful
 
Subnet calculation Tutorial
Subnet calculation TutorialSubnet calculation Tutorial
Subnet calculation Tutorial
 
Introduction state machine
Introduction state machineIntroduction state machine
Introduction state machine
 
Materi 3 Finite State Automata
Materi 3 Finite State AutomataMateri 3 Finite State Automata
Materi 3 Finite State Automata
 
Dfd examples
Dfd examplesDfd examples
Dfd examples
 
Static Routing
Static RoutingStatic Routing
Static Routing
 
melay and moore machine.pptx
melay and moore machine.pptxmelay and moore machine.pptx
melay and moore machine.pptx
 
State Diagrams
State DiagramsState Diagrams
State Diagrams
 
Software engineering a practitioners approach 8th edition pressman solutions ...
Software engineering a practitioners approach 8th edition pressman solutions ...Software engineering a practitioners approach 8th edition pressman solutions ...
Software engineering a practitioners approach 8th edition pressman solutions ...
 
Digital Logic & Design (DLD) presentation
Digital Logic & Design (DLD) presentationDigital Logic & Design (DLD) presentation
Digital Logic & Design (DLD) presentation
 

Similar to 25.3.11 packet tracer logging from multiple sources

CCNAv5 - S4: Chapter8 monitoring the network
CCNAv5 - S4: Chapter8 monitoring the networkCCNAv5 - S4: Chapter8 monitoring the network
CCNAv5 - S4: Chapter8 monitoring the networkVuz Dở Hơi
 
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...Protect724manoj
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rulesFreddy Buenaño
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogDevOps.com
 
ArcSight Logger Forwarding Connector for HP Network Node Manager i
ArcSight Logger Forwarding Connector for HP Network Node Manager i ArcSight Logger Forwarding Connector for HP Network Node Manager i
ArcSight Logger Forwarding Connector for HP Network Node Manager i Protect724manoj
 
Merged document
Merged documentMerged document
Merged documentsreeja_16
 
Final ProjectFinal Project Details Description Given a spec.docx
Final ProjectFinal Project Details Description Given a spec.docxFinal ProjectFinal Project Details Description Given a spec.docx
Final ProjectFinal Project Details Description Given a spec.docxAKHIL969626
 
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 29Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2Lori Head
 
CCNA_RSE_Chp10.pptx
CCNA_RSE_Chp10.pptxCCNA_RSE_Chp10.pptx
CCNA_RSE_Chp10.pptxHugoGamez7
 
SampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulSampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulJim Currul
 
Syslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideSyslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideAbhishek Kumar
 
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081 ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081 Protect724manoj
 
Design an Implementation of A Messaging and Resource Sharing Software
Design an Implementation of A Messaging and Resource Sharing SoftwareDesign an Implementation of A Messaging and Resource Sharing Software
Design an Implementation of A Messaging and Resource Sharing Softwarenilabarai
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1milkux
 
Cisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config GuideCisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config GuideAlberto Rivai
 
Managing the logs of your (Rails) applications - Arrrrcamp 2011
Managing the logs of your (Rails) applications - Arrrrcamp 2011Managing the logs of your (Rails) applications - Arrrrcamp 2011
Managing the logs of your (Rails) applications - Arrrrcamp 2011lennartkoopmann
 
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...GetInData
 
F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.Kapil Sabharwal
 

Similar to 25.3.11 packet tracer logging from multiple sources (20)

CCNAv5 - S4: Chapter8 monitoring the network
CCNAv5 - S4: Chapter8 monitoring the networkCCNAv5 - S4: Chapter8 monitoring the network
CCNAv5 - S4: Chapter8 monitoring the network
 
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
HP ArcSight Logger Forwarding Connector for HP NNMI Configuration Guide 5.2.1...
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with Datadog
 
ArcSight Logger Forwarding Connector for HP Network Node Manager i
ArcSight Logger Forwarding Connector for HP Network Node Manager i ArcSight Logger Forwarding Connector for HP Network Node Manager i
ArcSight Logger Forwarding Connector for HP Network Node Manager i
 
Merged document
Merged documentMerged document
Merged document
 
Final ProjectFinal Project Details Description Given a spec.docx
Final ProjectFinal Project Details Description Given a spec.docxFinal ProjectFinal Project Details Description Given a spec.docx
Final ProjectFinal Project Details Description Given a spec.docx
 
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 29Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2
 
batch-4.pptx
batch-4.pptxbatch-4.pptx
batch-4.pptx
 
CCNA_RSE_Chp10.pptx
CCNA_RSE_Chp10.pptxCCNA_RSE_Chp10.pptx
CCNA_RSE_Chp10.pptx
 
SampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulSampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J Currul
 
Syslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress GuideSyslog Centralization Logging with Windows ~ A techXpress Guide
Syslog Centralization Logging with Windows ~ A techXpress Guide
 
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081 ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
ArcSight Logger Forwarding Connector for HP NNMi Configuration Guide 5.1.7.6081
 
Design an Implementation of A Messaging and Resource Sharing Software
Design an Implementation of A Messaging and Resource Sharing SoftwareDesign an Implementation of A Messaging and Resource Sharing Software
Design an Implementation of A Messaging and Resource Sharing Software
 
Student packet tracer manual v1.1
Student packet tracer manual v1.1Student packet tracer manual v1.1
Student packet tracer manual v1.1
 
Cisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config GuideCisco Wireless LAN Controller Palo Alto Networks Config Guide
Cisco Wireless LAN Controller Palo Alto Networks Config Guide
 
Managing the logs of your (Rails) applications - Arrrrcamp 2011
Managing the logs of your (Rails) applications - Arrrrcamp 2011Managing the logs of your (Rails) applications - Arrrrcamp 2011
Managing the logs of your (Rails) applications - Arrrrcamp 2011
 
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
 
Sc manual
Sc manualSc manual
Sc manual
 
F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.
 

More from Freddy Buenaño

27.2.15 lab investigating a malware exploit
27.2.15 lab investigating a malware exploit27.2.15 lab investigating a malware exploit
27.2.15 lab investigating a malware exploitFreddy Buenaño
 
27.2.14 lab isolate compromised host using 5-tuple
27.2.14 lab isolate compromised host using 5-tuple27.2.14 lab isolate compromised host using 5-tuple
27.2.14 lab isolate compromised host using 5-tupleFreddy Buenaño
 
27.2.12 lab interpret http and dns data to isolate threat actor
27.2.12 lab interpret http and dns data to isolate threat actor27.2.12 lab interpret http and dns data to isolate threat actor
27.2.12 lab interpret http and dns data to isolate threat actorFreddy Buenaño
 
27.2.10 lab extract an executable from a pcap
27.2.10 lab extract an executable from a pcap27.2.10 lab extract an executable from a pcap
27.2.10 lab extract an executable from a pcapFreddy Buenaño
 
27.2.9 lab regular expression tutorial
27.2.9 lab regular expression tutorial27.2.9 lab regular expression tutorial
27.2.9 lab regular expression tutorialFreddy Buenaño
 
27.1.5 lab convert data into a universal format
27.1.5 lab convert data into a universal format27.1.5 lab convert data into a universal format
27.1.5 lab convert data into a universal formatFreddy Buenaño
 

More from Freddy Buenaño (6)

27.2.15 lab investigating a malware exploit
27.2.15 lab investigating a malware exploit27.2.15 lab investigating a malware exploit
27.2.15 lab investigating a malware exploit
 
27.2.14 lab isolate compromised host using 5-tuple
27.2.14 lab isolate compromised host using 5-tuple27.2.14 lab isolate compromised host using 5-tuple
27.2.14 lab isolate compromised host using 5-tuple
 
27.2.12 lab interpret http and dns data to isolate threat actor
27.2.12 lab interpret http and dns data to isolate threat actor27.2.12 lab interpret http and dns data to isolate threat actor
27.2.12 lab interpret http and dns data to isolate threat actor
 
27.2.10 lab extract an executable from a pcap
27.2.10 lab extract an executable from a pcap27.2.10 lab extract an executable from a pcap
27.2.10 lab extract an executable from a pcap
 
27.2.9 lab regular expression tutorial
27.2.9 lab regular expression tutorial27.2.9 lab regular expression tutorial
27.2.9 lab regular expression tutorial
 
27.1.5 lab convert data into a universal format
27.1.5 lab convert data into a universal format27.1.5 lab convert data into a universal format
27.1.5 lab convert data into a universal format
 

Recently uploaded

(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...RajaP95
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college projectTonystark477637
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduitsrknatarajan
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Suman Mia
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 

Recently uploaded (20)

(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 

25.3.11 packet tracer logging from multiple sources

  • 1. © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 5 www.netacad.com LABORATORIO 25.3.11 Nombre: Rafael Buenaño Semestre: 9no B Packet Tracer - Logging from Multiple Sources Objectives Part 1: Use syslog to capture log files from multiple network devices Part 2: Observe AAA user access logging Part 3: Observe NetFlow information Background / Scenario In this activity, you will use Packet Tracer to view network data generated by syslog, AAA, and NetFlow. Instructions Part 1: View Log Entries with Syslog Step 1: The syslog Server Syslog is a messaging system designed to support remote logging. Syslog clients send log entries to a syslog server. The syslog server concentrates and stores log entries. Packet Tracer supports basic syslog operations and can be used for demonstration. The network includes a syslog server and syslog clients. R1, R2, Core Switch, and the Firewall are syslog clients. These devices are configured to send their log entries to the syslog server. The syslog server collects the log entries and allows them to be read. Log entries are categorized by seven severity levels. Lower levels represent more serious events. The levels are: emergencies (0), alerts (1), critical (2), errors (3), warnings (4), notifications (5), informational (6), and debugging (7). Syslog clients can be configured to ship log entries to syslog servers based on the severity level. a. Click the Syslog Server to open its window. b. Select the Services tab and select SYSLOG from the list of services shown on the left. c. Click On to turn on the Syslog service. d. Syslog entries coming from syslog clients will be shown in the window on the right. Currently, there are no entries. e. Keep this window open and visible and move on to Step 2.
  • 2. Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 5 www.netacad.com Step 2: Enable Syslog. The devices are already configured to send log messages to the syslog server, but Packet Tracer only supports the logging for the debugging severity level with syslog. Because of that, we must generate debug level messages (level 7) so they can be sent to the syslog server. a. Click R1 > CLI tab. b. Press Enter to get a command prompt and enter the command enable. c. Enter the command debug eigrp packets to enable EIGRP debugging. The command line console will immediately fill with debug messages. d. Return to the Syslog Server window. Verify that log entries appear on the syslog server. e. After a few messages have been logged, click the radio button to turn the syslog service Off. Question: What is some of the information that is included in the syslog messages that are being displayed by the Syslog Server?
  • 3. Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 5 www.netacad.com f. Close the R1 device window. Part 2: Log User Access Another important type of log relates to user access. Having records of user logins is crucial for troubleshooting and traffic analysis. Cisco IOS supports Authentication, Authorization and Accounting (AAA). With AAA, it is possible not only to delegate the user validation task to an external server but also to log activities. TACACS+ is a protocol designed to allow remote authentication through a centralized server. Packet Tracer offers basic AAA and TACACS+ support. R2 is also configured as a TACACS+ server. R2 will ask the server if that user is valid by verifying username and password, and grant or deny access based on the response. The server stores user credentials and is also able to log user login transactions. Follow the steps below to log in to R2 and display the log entries related to that login: a. Click the Syslog Server to open its window. b. Select the Desktop tab and select AAA Accounting. Leave this window open. c. Click R2 > CLI. d. Press Enter to get a command prompt. R2 will ask for username and password before granting access to its CLI. Enter the following user credentials: analyst and cyberops as the username and password, respectively. e. Return to the Syslog Server’s AAA Accounting Records window.
  • 4. Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 5 www.netacad.com Question: What information is in the log entry? Se encuentra la hora y la fecha, el usuario, el llamante Id, el indicador= inicio, la IP de donde se inicio, el Puerto del inicio f. On R2, enter the logout command. Question: What happened in the AAA Accounting window? Se encuentra la hora y la fecha, el usuario, el llamante Id, el indicador= paro, la IP de donde se inicio, el Puerto del inicio Part 3: NetFlow and Visualization In the topology, the Syslog server is also a NetFlow collector. The firewall is configured as a NetFlow exporter. a. Click the Syslog Server to bring up its window. Close the AAA Accounting Records window. b. From the Desktop tab, select Netflow Collector. The NetFlow collector services should be turned on. c. From any PC, ping the Corp Web Server at 209.165.200.194. After a brief delay, the pie chart will update to show the new traffic flow.
  • 5. Packet Tracer - Logging from Multiple Sources © 2018 - 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 5 www.netacad.com Note: The pie charts displayed will vary based on the traffic on the network. Other packets flows, such as EIGRP-related traffic, are being sent between devices. NetFlow is capturing these packets and exporting statistics to the NetFlow Collector. The longer NetFlow is allowed to run on a network, the more traffic statistics will be captured. Reflection While the tools presented in this activity are useful, each one has its own service and may need to run on totally different devices. A better way, explored later in the course, is to have all the logging information be concentrated under one tool, allowing for easy cross-reference and powerful search capabilities. Security information and event management (SIEM) platforms can gather log files and other information from diverse sources and integrate the information for access by a single tool. End of document