Exam N10-008 topic 1 question 48 discussion

The correct answer is A. The syslog severity levels are 0 (Emergency), 1 (Alert), 2 (Critical), 3 (Error), 4 (Warning), 5 (Notice/Notification), 6 (Information), and 7 (Debugging). An easy mnemonic to memorize this is "Emus Are Cute Even When In Disguise." Because the device is set to send CRITICAL events, it will send only events that have a severity level of 2 and below. Thus, you have to configure the device to send events at severity level 5 or higher. B is incorrect because, presumably, the device would not have logged any events when an interface has gone down or up. C is incorrect because the server is already able to receive events that have a severity level of 2 and below. If it was not compatible, then no logs would have been received. D is incorrect because Management Information Bases (MIBs) are used for SNMP, not syslog.

Level 0: Emergency Level 1: Alert Level 2: Critical Level 3: Error Level 4: Warning Level 5: Notice Leve 6: Information Level 7: Debugging

The correct answer is A. Syslog messages are sent based on severity levels. The standard levels range from 0-7, where 0 is the most critical ("Emergency") and 7 is the least critical ("Debug"). In your case, the "Severity 5" alerts are considered "Notice" level, which indicates normal but significant conditions. The issue here is likely that the network device is not configured to send alerts of this severity level to the syslog server. Perhaps it's only set up to send more critical alerts (those with lower numbered severities).

It is A.

The severity level for these events is 5, and it is possible that the device is configured to only send events with a higher severity level to the syslog server. The configuration on the network device should be reviewed to ensure that the desired severity level is being sent to the syslog server.

The question stated that the network device is configured to SEND CRITICAL EVENTS to a syslog server, therefore, the current configuration will only send from Level 0 to Level 2 alerts and the rest will be just ingnored. Any opinion?

The answer "A. The network device is not configured to log that level to the syslog server" is correct because if the network device is not configured to log severity level 5 events to the syslog server, then these events won't be received by the server. It is possible that the network device is only configured to log events of a different severity level, or that it's not configured to log events at all. In this case, the technician would need to check the configuration of the network device and modify it to ensure that the necessary events are being logged to the syslog server.

The message level in the questions shows a Level 5 message (Severity 5). Since the device was sent to log critical messages, which are Level 2, Levels 3 through 7 messages wouldn't be sent to Syslog, but Levels 2, 1, and 0 would be.

Has nothing to do with the device actually down. It's not configured for notice events like Siji21 said. Answer is A

How is this A? The network device is configured according to the question. This could easily be (B) when the network device was down/unable to send the event.