Tuesday, March 15, 2016

Changing Severity of Cisco Syslog Messages


Steps to modify the severity of syslog messages.


This can be achieved with Cisco's Embedded Syslog Manager (ESM).



Example:

By default, access list log messages are written with severity level 6 (informational).

There was a requirement to raise the severity of these messages to level 3. This was achieved with a Tcl script and Cisco's Embedded Syslog Manager.


TCL SCRIPT


# severityincr.tcl  Increases the severity level of a syslog message.
#                   Requires two arguments, first the mnemonic and
#                   second the new severity level.
#                   E.g., STATECHANGE 3

# Nothing to do for an empty message.
if { [string length $::orig_msg] == 0} {
   return ""
}

if { [info exists ::cli_args] } {
    set args [split $::cli_args]
    # Only act on messages whose mnemonic matches the first argument.
    if { [ string compare -nocase [lindex $args 0] $::mnemonic ] == 0 } {
        set ::severity [lindex $args 1]
        # The severity digit sits two characters before the mnemonic
        # in %FACILITY-SEVERITY-MNEMONIC.
        set sev_index [ string first [lindex $args 0] $::orig_msg ]
        if {  $sev_index >= 2 } {
           incr sev_index -2
           return [string replace $::orig_msg $sev_index $sev_index [lindex $args 1]]
        }
    }
}

# All other messages pass through unchanged.
return $::orig_msg


The Tcl script was copied to the router's flash to enable local access:


copy tftp://10.100.100.1/severityincr.tcl disk0:severityincr.tcl



The logging filter was applied to the router:


logging buffered filtered

logging host 192.168.x.x filtered

logging filter disk0:severityincr.tcl args IPACCESSLOGP 3



Log message following change!
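
To confirm the change from the receiving side, the following Python check (an added example, not part of the original post) reads received syslog lines and reports whether IPACCESSLOGP messages carry severity 3 both in the %SEC-n-IPACCESSLOGP text and in the `<PRI>` header. The function names, the RFC 3164-style `<PRI>` prefix with facility local7, and the sample lines are assumptions constructed for illustration.

```python
import re

# RFC 3164-style "<PRI>" prefix: PRI = facility * 8 + severity.
PRI_RE = re.compile(r"^<(\d{1,3})>")
# Cisco message tag: %FACILITY-SEVERITY-MNEMONIC:
TAG_RE = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+):")


def check_line(line, mnemonic="IPACCESSLOGP", want=3):
    """Classify one received syslog line for the given mnemonic.

    Returns None for other messages, otherwise one of:
      "ok"            - text and PRI both carry the wanted severity
      "not-rewritten" - text still carries another severity
      "pri-mismatch"  - text rewritten, PRI severity differs
      "no-pri"        - text rewritten, no <PRI> header to compare
    """
    tag = TAG_RE.search(line)
    if tag is None or tag.group(3).upper() != mnemonic.upper():
        return None
    if int(tag.group(2)) != want:
        return "not-rewritten"
    pri = PRI_RE.match(line)
    if pri is None:
        return "no-pri"
    return "ok" if int(pri.group(1)) % 8 == want else "pri-mismatch"


def summarize(lines, mnemonic="IPACCESSLOGP", want=3):
    """Count verdicts for all lines that carry the mnemonic."""
    counts = {}
    for line in lines:
        verdict = check_line(line, mnemonic, want)
        if verdict is not None:
            counts[verdict] = counts.get(verdict, 0) + 1
    return counts


# Constructed sample lines (not captured from a real device).
# Facility local7 = 23, so PRI 187 = severity 3 and PRI 190 = severity 6.
SAMPLE = [
    "<187>45: *Mar 15 10:01:02.123: %SEC-3-IPACCESSLOGP: list 101 denied tcp 10.1.1.5(4242) -> 10.2.2.9(23), 1 packet",
    "<190>46: *Mar 15 10:01:07.456: %SEC-6-IPACCESSLOGP: list 101 denied tcp 10.1.1.5(4243) -> 10.2.2.9(23), 1 packet",
    "<190>47: *Mar 15 10:01:09.001: %SEC-3-IPACCESSLOGP: list 101 denied udp 10.1.1.7(53) -> 10.2.2.9(53), 1 packet",
    "<189>48: *Mar 15 10:02:00.000: %SYS-5-CONFIG_I: Configured from console by admin on vty0",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(check_line(line), "|", line[:60])
    print(summarize(SAMPLE))
```

A "not-rewritten" verdict means the message reached the collector without passing through the filter; "pri-mismatch" means severity-based routing or alerting at the collector would still treat the message at its old level.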