Examice

Exam 350-401 All QuestionsBrowse all questions from this exam

Question 794

Which configuration filters out DOT1X messages in the format shown below from being sent toward Syslog server 10.15.20.33?

Nov 20 13:47:32/553 %DOT1X-5-FAIL:Authentication failed for client (e04f.438e.de4f) on interface Gi1/0/1 AudtiSessionID 0A0B50A5000004543910739E

logging discriminator DOT1X facility drops DOT1X

logging host 10.15.20.33 discriminator DOT1X

logging discriminator DOT1X msg-body drops DOTX

logging host 10.15.20.33 discriminator DOTX

logging discriminator DOT1X mnemonics includes DOTX

logging host 10.15.20.33 discriminator DOT1X

logging discriminator DOT1X mnemonics includes DOT1X

logging host 10.15.20.33 discriminator DOTX

Correct Answer: A

To filter out DOT1X messages from being sent to the Syslog server, you need to create a logging discriminator that specifically drops messages with the DOT1X facility. The command 'logging discriminator DOT1X facility drops DOT1X' creates a discriminator named 'DOT1X' that drops all messages with the facility 'DOT1X'. The command 'logging host 10.15.20.33 discriminator DOT1X' specifies that only messages that do not match this discriminator criteria (i.e., excluding DOT1X messages) should be sent to the Syslog server at 10.15.20.33. Therefore, this configuration will correctly filter out DOT1X messages.

Discussion

slacker_at_workOption: A

logging discriminator DOT1X facility drops DOT1X: This command creates a logging discriminator named "DOT1X" and configures it to drop syslog messages with the facility "DOT1X". So, any syslog messages with the facility "DOT1X" will be dropped (not logged). logging host 10.15.20.33 discriminator DOT1X: This command specifies that syslog messages that match the criteria defined by the discriminator "DOT1X" are sent to the syslog server at the IP address 10.15.20.33. So, syslog messages that pass through the "DOT1X" discriminator (i.e., not dropped based on the first command) will be sent to the specified syslog server.

AsombrossoOption: A

filters out facility=DOT1X messages and drops them

blitzstormOption: A

Given answer is wrong. The message body doesn't contain "DOT1X". However the logging facility is "DOT1X" so A seems good. https://youtu.be/Lbb7vlQoGt0?feature=shared&t=154

SeMo0o0oOption: A

A is correct

Shri_Fcb10Option: A

A. logging discriminator DOT1X facility drops DOT1X logging host 10.15.20.33 discriminator DOT1X Explanation: The logging discriminator command creates a discriminator named DOT1X. The facility drops DOT1X part specifies that messages with a facility that includes DOT1X should be dropped. The logging host 10.15.20.33 discriminator DOT1X command sends log messages to the Syslog server at 10.15.20.33, but only those that do not match the discriminator criteria (i.e., excluding DOT1X messages).

05b11e1Option: A

DOT1X-5-FAIL: facility: dot1x severity:5 mnemonic:fail seq no:timestamp: %facility-severity-MNEMONIC:description

SeMo0o0oOption: A

A is correct

ferrogiuse88Option: A

A is the correct one

TadeseOption: A

Logging discriminator discr-name [ [facility] [mnemonics] [msg-body] { drops string | includes string } ] [ severity { drops sev-num | includes sev-num } ] [ rate-limit msglimit ]

eddggOption: A

it should be A

tivi92Option: A

I think that the correct answer should be A). logging discriminator DOT1X facility drops DOT1X logging host 10.15.20.33 discriminator DOT1X