GE Set logsize size=1-1000, Example 6-6 Security log commands, ML1200# show log

(such as unexpected behavior). The specific types of logs can be viewed and cleared. The show log command displays the log information and the clear log command clears the log entries. The syntax for these commands is shown below:

show log [1..5informationaldebugfatal criticalactivity] clear log [informationaldebugactivity criticalfatal]

The set logsize command set the number of lines to be collected in the log before the oldest record is re-written. The syntax for this command is:

set logsize size=<1-1000>

Example 6-6illustrates the show log and clear log commands. The show log command indicates the type of log activity in the S column. I indicates informational entries and A indicates activities which are a result of port-security setup. Notice the clear log informational command clears the informational entries only.

The log shows the most recent intrusion at the top of the listing. If the log is filled when the switch detects a new intrusion, the oldest entry is dropped off the listing.

As discussed in the prior section, any port can be set to monitor security as well as make a log on the intrusions that take place. The logs for the intrusions are stored on the switch. When the switch detects an intrusion on a port, it sets an “alert flag” for that port and makes the intrusion information available.

The default log size is 50 rows. To change the log size, use the set logsize command.

Example 6-6: Security log commands

ML1200# show log

A12-17-2004 12:07:16 P.M PS:INTRUDER 00:e0:29:2a:f0: 3a@port15, packet dropped

ML1200# clear log informational

Clear Logged Events? ['Y' or 'N']

ML1200# show log