Is there a way to debug syslog messages? Something like "debug ip syslog"?

debug logging?

Debug logging? There isn't anything to debug in logging.. Logging is debugging.

What are you trying to do?

_________________
blog.brokennetwork.ca

At least on a Cisco 2811(c2800nm-advipservicesk9-mz.124-11.XW7.bin) there is no such option as "debug logging":






I would like to ensure that my router sends out syslog messages. According to "show logging" output it should do this. I guess only option here is to make an ACL and check the counters?

Why not just check the the Syslog server?

_________________
blog.brokennetwork.ca

Indeed, unless you don't have one? There are plenty of free syslog servers out there.

Alternately, you could sniff for syslog packets (seems like overkill, but hey).

The problem is that syslog server receives no traffic from this host I'm able to ping syslog server from router, but if I tcpdump in the server it receives no UDP traffic while according to router it sends to syslog server UDP port 514. Both router and server are in remote locations and access is over public Internet.
I was just wondering maybe there is a way to debug syslog traffic like it's possible to debug for example ICMP or GRE traffic If there isn't I'll create an ACL for outgoing UDP port 514 traffic and check the counters.

See, this is good info you should share initally

Try a traceroute from the router to the Syslog server on UDP 514. See if anything is blocking it.

The output of 'show logg' should show how many messages the router thinks it's sent. If you want to do an ACL you'll have to do it on another device as outbound ACLs don't catch traffic generated by the router itself.

_________________
blog.brokennetwork.ca

Debugging is priority 7 in syslog and the router defaults to informational if memory serves. To get the debugs to transmit over the network then:

C1811(config)#logging trap debugging

_________________
_______________________________________________________________________
There are 10 types of people in the world. Those who understand binary and those who don't.

Ok, but is there some technique/method to ACL traffic generated by the router itself?

Stick a switch in front of the router and span the port. Run tcpdump/wireshark

_________________
www.mellowd.co.uk/ccie/

This isn't possible in this case because router is connected directly to ISP VDSL2 converter in a remote location.