ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 794 discussion

Actual exam question from Cisco's 350-401
Question #: 794
Topic #: 1
[All 350-401 Questions]

Which configuration filters out DOT1X messages in the format shown below from being sent toward Syslog server 10.15.20.33?

Nov 20 13:47:32/553 %DOT1X-5-FAIL:Authentication failed for client (e04f.438e.de4f) on interface Gi1/0/1 AudtiSessionID 0A0B50A5000004543910739E

  • A. logging discriminator DOT1X facility drops DOT1X
    logging host 10.15.20.33 discriminator DOT1X
  • B. logging discriminator DOT1X msg-body drops DOTX
    logging host 10.15.20.33 discriminator DOTX
  • C. logging discriminator DOT1X mnemonics includes DOTX
    logging host 10.15.20.33 discriminator DOT1X
  • D. logging discriminator DOT1X mnemonics includes DOT1X
    logging host 10.15.20.33 discriminator DOTX
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by blitzstorm at Aug. 30, 2023, 6:55 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AbdullahMohammad251
Highly Voted 7 months, 3 weeks ago
Selected Answer: A
The syslog message "Nov 20 13:47:32/553 %DOT1X-5-FAIL:Authentication failed for client (e04f.438e.de4f) on interface Gi1/0/1 AudtiSessionID 0A0B50A5000004543910739E," contains the following fields: Nov 20 13:47:32/553 --> Timestamp (date & time) %DOT1X --> Facility Code (always start with the '%' sign) 5 --> Severity (0-7) FAIL --> mnemonics (categorizes the event within the facility code) "Authentication failed for client (e04f.438e.de4f) on interface Gi1/0/1 AudtiSessionID 0A0B50A5000004543910739E" --> message-text (condition of the vent that triggered the system message) "drops" keyword ---> used to drop the message that matches the pattern specified by the discriminator "logging host 10.15.20.33 discriminator DOT1X" ---> assigns the discriminator with a Syslog server @ 10.15.20.33
upvoted 5 times
AbdullahMohammad251
7 months, 3 weeks ago
https://www.pearsonitcertification.com/articles/article.aspx?p=1636219 https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/esm/command/esm-cr-book/esm-cr-a1.html#wp1888787448 https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/esm/configuration/xe-16-12/esm-xe-16-12-book/reliable-del-filter.html#GUID-87920FBF-24C3-4D50-801F-1E0FAAFE7297 https://mrncciew.com/2013/07/27/suppress-a-syslog-msg/
upvoted 2 times
...
...
05b11e1
Most Recent 10 months ago
DOT1X-5-FAIL: facility: dot1x severity:5 mnemonic:fail seq no:timestamp: %facility-severity-MNEMONIC:description
upvoted 3 times
...
[Removed]
11 months, 2 weeks ago
Selected Answer: A
A is correct
upvoted 1 times
...
ferrogiuse88
11 months, 2 weeks ago
Selected Answer: A
A is the correct one
upvoted 1 times
...
[Removed]
12 months ago
A is correct
upvoted 2 times
...
Shri_Fcb10
12 months ago
Selected Answer: A
A. logging discriminator DOT1X facility drops DOT1X logging host 10.15.20.33 discriminator DOT1X Explanation: The logging discriminator command creates a discriminator named DOT1X. The facility drops DOT1X part specifies that messages with a facility that includes DOT1X should be dropped. The logging host 10.15.20.33 discriminator DOT1X command sends log messages to the Syslog server at 10.15.20.33, but only those that do not match the discriminator criteria (i.e., excluding DOT1X messages).
upvoted 2 times
...
slacker_at_work
1 year, 2 months ago
Selected Answer: A
logging discriminator DOT1X facility drops DOT1X: This command creates a logging discriminator named "DOT1X" and configures it to drop syslog messages with the facility "DOT1X". So, any syslog messages with the facility "DOT1X" will be dropped (not logged). logging host 10.15.20.33 discriminator DOT1X: This command specifies that syslog messages that match the criteria defined by the discriminator "DOT1X" are sent to the syslog server at the IP address 10.15.20.33. So, syslog messages that pass through the "DOT1X" discriminator (i.e., not dropped based on the first command) will be sent to the specified syslog server.
upvoted 3 times
...
Tadese
1 year, 4 months ago
Selected Answer: A
Logging discriminator discr-name [ [facility] [mnemonics] [msg-body] { drops string | includes string } ] [ severity { drops sev-num | includes sev-num } ] [ rate-limit msglimit ]
upvoted 1 times
...
Asombrosso
1 year, 8 months ago
Selected Answer: A
filters out facility=DOT1X messages and drops them
upvoted 3 times
...
eddgg
1 year, 8 months ago
Selected Answer: A
it should be A
upvoted 1 times
...
tivi92
1 year, 8 months ago
I think that the correct answer should be A). logging discriminator DOT1X facility drops DOT1X logging host 10.15.20.33 discriminator DOT1X
upvoted 1 times
...
blitzstorm
1 year, 8 months ago
Selected Answer: A
Given answer is wrong. The message body doesn't contain "DOT1X". However the logging facility is "DOT1X" so A seems good. https://youtu.be/Lbb7vlQoGt0?feature=shared&t=154
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago