Logging on a pix 515E

Unanswered Question
vitripat Mon, 03/05/2007 - 15:35

there is no command to log inbound traffic. Probably, you can have a syslog server setup, whill would log all the activity through/on PIX to a syslog server. Later you can use these log files for your analysis.

You can download a syslog server from following link, if required.

The name of the tool is Kiwi Syslog Server.


Install the server on any system connected to PIX, and then reboot the server.

Now enter following commands on your PIX :

pix(config)# logging host [interface_name] [ip_address]

pix(config)# logging trap [level]

pix(config)# logging on

[interface_name] ----> name of interface on which syslog server is connected


[ip_address] ----> ip address of workstation where you install sylog server.

[level] ----> level of logging desired.

Different levels are as follows:

0 - Emergencies - System unusable messages.

1 - Alerts - Take immediate attention.

2 - Critical - Critical Condition.

3 - Errors - Error messages (this is the default level)

4 - Warnings - Warning messages.

5 - Notifications - Normal but significant condition.

6 - Informational - Informational message.

7 - Debugging - Debug messages and log FTP commands and WWW URLs.

Either level no. or level name can be used in the above command.

Here is a link which tells in detail about all the syslog messages on PIX-


Hope this is helpful.




This Discussion