Reply to: Port Security


#33122
AlvaroM
Super administrator

Hi Cristhian, shutdown mode DOES generate syslogs and DOES generate SNMP messages. Unfortunately, the documentation is not consistent on this point: some Cisco pages even state that these messages are not generated, while other Cisco pages say that they are; in the end, all of this has to be validated in practice.

Here is what is generated when a violation is detected on a switch port in shutdown mode:

Show port-security:

Switch#show port-security
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)          (Count)
---------------------------------------------------------------------------
      Gi0/0              1            0                  1         Shutdown
---------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port)     : 0
Max Addresses limit in System (excluding one mac per port) : 4096

Syslog:

*Nov  3 00:12:34.637: %PM-4-ERR_DISABLE: psecure-violation error detected on Gi0/0, putting Gi0/0 in err-disable state
*Nov  3 00:12:34.641: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0050.7966.6801 on port GigabitEthernet0/0.
*Nov  3 00:12:35.699: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to down
*Nov  3 00:12:36.641: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to down

SNMP:

Switch#
*Nov  3 00:18:29.050: %PM-4-ERR_DISABLE: psecure-violation error detected on Gi0/0, putting Gi0/0 in err-disable state
*Nov  3 00:18:29.053: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0050.7966.6801 on port GigabitEthernet0/0.
*Nov  3 00:18:29.058: SNMP: Queuing packet to 192.168.10.1
*Nov  3 00:18:29.059: SNMP: V2 Trap, reqid 10, errstat 0, erridx 0
 sysUpTime.0 = 52791
 snmpTrapOID.0 = ciscoSyslogMIB.2.0.1
 clogHistoryEntry.2.12 = PM
 clogHistoryEntry.3.12 = 5
 clogHistoryEntry.4.12 = ERR_DISABLE
 clogHistoryEntry.5.12 = psecure-violation error detected on Gi0/0, putting Gi0/0 in err-disable state
 clogHistoryEntry.6.12 = 52790
*Nov  3 00:18:29.072: SNMP: Queuing packet to 192.168.10.1
*Nov  3 00:18:29.072: SNMP: V2 Trap, reqid 11, errstat 0, erridx 0
 sysUpTime.0 = 52793
 snmpTrapOID.0 = ciscoSyslogMIB.2.0.1
 clogHistoryEntry.2.13 = PORT_SECURITY
 clogHistoryEntry.3.13 = 3
 clogHistoryEntry.4.13 = PSECURE_VIOLATION
 clogHistoryEntry.5.13 = Security violation occurred, caused by MAC address 0050.7966.6801 on port GigabitEthernet0/0.
 clogHistoryEntry.6.13 = 52791
*Nov  3 00:18:29.308: SNMP: Packet sent via UDP to 192.168.10.1
*Nov  3 00:18:29.561: SNMP: Packet sent via UDP to 192.168.10.1
*Nov  3 00:18:30.130: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to down
*Nov  3 00:18:30.135: SNMP: Queuing packet to 192.168.10.1
*Nov  3 00:18:30.136: SNMP: V2 Trap, reqid 12, errstat 0, erridx 0
 sysUpTime.0 = 52899
 snmpTrapOID.0 = snmpTraps.3
 ifIndex.1 = 1
 ifDescr.1 = GigabitEthernet0/0
 ifType.1 = 6
 lifEntry.20.1 = down
*Nov  3 00:18:30.387: SNMP: Packet sent via UDP to 192.168.10.1
*Nov  3 00:18:31.053: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to down
*Nov  3 00:18:31.060: SNMP: Queuing packet to 192.168.10.1
*Nov  3 00:18:31.061: SNMP: V2 Trap, reqid 13, errstat 0, erridx 0
 sysUpTime.0 = 52991
 snmpTrapOID.0 = ciscoSyslogMIB.2.0.1
 clogHistoryEntry.2.14 = LINK
 clogHistoryEntry.3.14 = 4
 clogHistoryEntry.4.14 = UPDOWN
 clogHistoryEntry.5.14 = Interface GigabitEthernet0/0, changed state to down
 clogHistoryEntry.6.14 = 52991
*Nov  3 00:18:31.418: SNMP: Packet sent via UDP to 192.168.10.1

I hope that's clear.

Regards! =)
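
An added example, not part of the original post: a small Python parser that a log collector could run over the syslog lines shown above to pull out each port-security violation (MAC and port) and tell whether the port was also err-disabled. The function and variable names are hypothetical, and the sample input is the syslog excerpt from the post.

```python
import re

# Sample input: the four syslog lines from the post above.
SAMPLE = """\
*Nov  3 00:12:34.637: %PM-4-ERR_DISABLE: psecure-violation error detected on Gi0/0, putting Gi0/0 in err-disable state
*Nov  3 00:12:34.641: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0050.7966.6801 on port GigabitEthernet0/0.
*Nov  3 00:12:35.699: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to down
*Nov  3 00:12:36.641: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to down
"""

# Message shape seen in the post: "*<timestamp>: %FACILITY-SEVERITY-MNEMONIC: text"
MSG = re.compile(
    r"^\*?(?P<ts>\w{3}\s+\d+ [\d:.]+): %(?P<fac>[A-Z_]+)-(?P<sev>\d)-(?P<mn>[A-Z_]+): (?P<text>.*)$")
VIOLATION = re.compile(r"caused by MAC address (?P<mac>[0-9a-fA-F.]+) on port (?P<port>\S+?)\.?$")
ERRDIS = re.compile(r"psecure-violation error detected on (?P<port>\S+),")
# ERR_DISABLE uses the short interface name, PSECURE_VIOLATION the long one.
PREFIXES = {"Gi": "GigabitEthernet", "Fa": "FastEthernet", "Te": "TenGigabitEthernet"}

def long_name(port):
    """Expand 'Gi0/0' to 'GigabitEthernet0/0' so the two messages can be correlated."""
    m = re.match(r"([A-Za-z]+)(\d.*)", port)
    if not m:
        return port
    return PREFIXES.get(m.group(1), m.group(1)) + m.group(2)

def find_violations(log):
    """Return one dict per PSECURE_VIOLATION message, with an err_disabled flag."""
    disabled, events = set(), []
    for line in log.splitlines():
        m = MSG.match(line.strip())
        if not m:
            continue  # SNMP debug output, prompts, blank lines
        if (m["fac"], m["mn"]) == ("PM", "ERR_DISABLE"):
            e = ERRDIS.search(m["text"])
            if e:
                disabled.add(long_name(e["port"]))
        elif (m["fac"], m["mn"]) == ("PORT_SECURITY", "PSECURE_VIOLATION"):
            v = VIOLATION.search(m["text"])
            if v:
                events.append({"time": m["ts"], "mac": v["mac"], "port": long_name(v["port"])})
    # Flag after the full pass: ERR_DISABLE may be logged before or after the violation.
    for ev in events:
        ev["err_disabled"] = ev["port"] in disabled
    return events
```

Calling `find_violations(SAMPLE)` returns a single event for MAC `0050.7966.6801` on `GigabitEthernet0/0` with `err_disabled` set to `True`.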