How to trigger an alarm on the firewall?

Answered Question
Jun 19th, 2007

Hi Forum,

My ASA was configured to send alarm to Syslog server at critical level. How do I trigger an alarm to see if the logging really works at critical level?

Thanks much,

PN

I have this problem too.
0 votes
Correct Answer by srue about 9 years 5 months ago

enter the following command in config mode:

logging message 111005 level critical

that sets message log 111005 to the critical level. this particular log ID generates a message like the following:

Jun 20 2007 00:27:53: %PIX-5-111005: 192.168.x.y end configuration: OK

that message should be sent to your syslog server

when you're done testing, be sure to enter:

no logging message 111005 level critical

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
srue Tue, 06/19/2007 - 20:30

enter the following command in config mode:

logging message 111005 level critical

that sets message log 111005 to the critical level. this particular log ID generates a message like the following:

Jun 20 2007 00:27:53: %PIX-5-111005: 192.168.x.y end configuration: OK

that message should be sent to your syslog server

when you're done testing, be sure to enter:

no logging message 111005 level critical

paulnigel Tue, 06/19/2007 - 22:08

Hi Srue,

This is really useful! Actually it is the requirement of the SOX auditor to test whether the logging works. Can this be applied to PIX 515 as well?

Thanks much,

PN

paulnigel Tue, 06/19/2007 - 23:17

Hi Srue,

by entering "logging message 111005 level critical ", will it trigger a message immediately? I can't seems to get any message, but my the configuration has proven working coz it captured some spoofed traffic before.

Thanks much,

PN

JORGE RODRIGUEZ Wed, 06/20/2007 - 07:09

it should trigger a message imediately in your syslog server..

even by just entering " logging message 111005 " ENTER and see your syslogs.

Actions

This Discussion