1.10.5 Ensure 'logging history severity level' is set to greater than or equal to '5'

Information

Determines which syslog messages should be sent to the SNMP server.

Rationale:

Syslog messages are an invaluable tool for accounting, monitoring, and routine troubleshooting. They can be sent as SNMP traps to an SNMP server. This provides an additional method for the events to be viewed in real time and a backup method to Syslog servers in case there is an issue with the Syslog protocol.

Solution

Step 1: Run the following command to set the logging level to 5:

hostname(config)# logging history 5

The severity level can be chosen between 0 and 7

Default Value:

The device does not log to simple network management protocol (SNMP) servers by default.

See Also

https://workbench.cisecurity.org/benchmarks/7194

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-1, 800-53|AU-2, CSCv7|6.3

Plugin: Cisco

Control ID: eeaf9de1196c41a0a3af0fdcf1a2eeb2b06955c2a29bcb1b5c8ec6095ae1d505