04 October, 2013

Install and configure SysLog Server in Debian and Cisco

#Download SysLog Server
apt-get install sysklogd -y

#Change Configuration 
vi /etc/default/syslogd

Add: SYSLOGD="-r"
Note: -r = receive remote logs (syslogd then listens on UDP port 514)

#Configure the syslog.conf file: add this line
vi /etc/syslog.conf

local7.debug         /syslog/remote.log 

Note: /syslog/remote.log is the file the remote logs are written to

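Other way: write each device's messages to its own file, selected by source IP address
Note: the :fromhost-ip filter lines below are rsyslog property-based filter syntax
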
daemon.*;mail.*;\
        news.err;\
        *.=debug;*.=info;\
        *.=notice;*.=warn       |/dev/xconsole

*.* /var/log/network/network.log
#*.* /var/log/network/%HOSTNAME%.log
#:msg, contains, "dsw1"  /var/log/network/DSw1.log

:fromhost-ip,isequal,"10.0.10.11" /var/log/network/ASw1.log
:fromhost-ip,isequal,"10.0.10.12" /var/log/network/ASw2.log
:fromhost-ip,isequal,"10.0.10.13" /var/log/network/ASw3.log
:fromhost-ip,isequal,"10.0.10.14" /var/log/network/ASw4.log
:fromhost-ip,isequal,"10.0.10.1" /var/log/network/DSw1.log
:fromhost-ip,isequal,"10.0.10.2" /var/log/network/DSw2.log
:fromhost-ip,isequal,"10.0.5.1" /var/log/network/iNetR1.log
:fromhost-ip,isequal,"10.0.5.2" /var/log/network/iNetR2.log
:fromhost-ip,isequal,"10.1.1.1" /var/log/network/remote1.log
:fromhost-ip,isequal,"10.1.2.1" /var/log/network/remote2.log
:fromhost-ip,isequal,"10.1.3.1" /var/log/network/remote3.log
:fromhost-ip,isequal,"10.1.4.1" /var/log/network/remote4.log

#Restart Service 
/etc/init.d/sysklogd restart

#Check if Syslog is on 
ps -ef | grep syslog
netstat -a | grep syslog

#Configure Cisco Device 
configure terminal
logging source-interface [interface]
logging <ip address of your Debian system>
logging trap debug
logging on 
service timestamps log datetime msec localtime show-timezone
ntp server <ntp-server>


Done !
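
Added example, not part of the original post: Cisco IOS uses facility local7 for syslog unless told otherwise, and every datagram starts with a <PRI> number (facility * 8 + severity). The script below decodes that number from lines as they appear in a packet capture and checks them against a selector such as local7.debug, which helps when nothing shows up in the log file; the sample lines and function names are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): decode the <PRI> prefix of a raw
# syslog datagram and test it against a "facility.level" selector.
# PRI = facility * 8 + severity; names for facilities 12-15 follow RFC 5424.
FACILITIES="kern user mail daemon auth syslog lpr news uucp cron authpriv ftp ntp audit alert clock local0 local1 local2 local3 local4 local5 local6 local7"
SEVERITIES="emerg alert crit err warning notice info debug"

# Constructed sample datagrams in Cisco IOS style (not captured from a device).
SAMPLE_NOTICE='<189>45: *Oct  4 10:15:02.123 UTC: %SYS-5-CONFIG_I: Configured from console by console'
SAMPLE_DEBUG='<191>46: *Oct  4 10:15:09.871 UTC: constructed debug message'
SAMPLE_OTHER='<165>47: *Oct  4 10:15:11.004 UTC: constructed message sent with facility local4'

# index_of NAME WORD...  -> print the zero-based position of NAME
index_of() {
    name=$1; shift; i=0
    for w in "$@"; do
        if [ "$w" = "$name" ]; then printf '%s\n' "$i"; return 0; fi
        i=$((i + 1))
    done
    return 1
}

# decode_pri 'RAW LINE'  -> print "facility.severity"; fail on a bad PRI
decode_pri() {
    case $1 in "<"[0-9]*">"*) ;; *) return 1 ;; esac   # must start with <digits>
    pri=${1#"<"}; pri=${pri%%">"*}
    case $pri in *[!0-9]*|0?*) return 1 ;; esac        # digits only, no leading zero
    [ "$pri" -le 191 ] || return 1                     # 23 * 8 + 7 is the highest PRI
    set -- $FACILITIES; shift $((pri / 8)); fac=$1
    set -- $SEVERITIES; shift $((pri % 8)); sev=$1
    printf '%s.%s\n' "$fac" "$sev"
}

# selector_matches 'facility.level' 'RAW LINE'
# Classic syslog.conf semantics: same facility, and a severity at least as
# urgent as the named level (numerically lower or equal).
selector_matches() {
    decoded=$(decode_pri "$2") || return 1
    [ "${decoded%%.*}" = "${1%%.*}" ] || return 1
    want=$(index_of "${1#*.}" $SEVERITIES) || return 1
    [ "$(index_of "${decoded#*.}" $SEVERITIES)" -le "$want" ]
}

for line in "$SAMPLE_NOTICE" "$SAMPLE_DEBUG" "$SAMPLE_OTHER"; do
    if selector_matches local7.debug "$line"; then verdict=logged; else verdict=skipped; fi
    printf '%-15s %s\n' "$(decode_pri "$line")" "$verdict"
done
```

A device whose datagrams decode to a facility other than local7 is skipped by the local7.debug line, while the catch-all *.* line in the second configuration still records it.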