2.2.3 Set 'logging console critical'

Information

Verify logging to device console is enabled and limited to a rational severity level to avoid impacting system performance and management.

This configuration determines the severity of messages that will generate console messages. Logging to console should be limited only to those messages required for immediate troubleshooting while logged into the device. This form of logging is not persistent; messages printed to the console are not stored by the router. Console logging is handy for operators when they use the console.

Solution

Configure console logging level.

hostname(config)#logging console critical

Impact:

Logging critical messages at the console is important for an organization managing technology risk. The 'logging console' command should capture appropriate severity messages to be effective.

See Also

https://workbench.cisecurity.org/benchmarks/17130

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, 800-53|AU-3(1), 800-53|AU-7, 800-53|AU-12, CSCv7|6.3

Plugin: Cisco

Control ID: 54aa5cc1aeb06769d46143b82c7cba088d66af179994709ceaf1700a66d97de3