Pix 515E - Acces-list logging ?

Unanswered Question

Currently running a PIX 515E ver 6.35.

I need to log on a specific permit line in one of my access-lists and have that forwarded to a syslog server. I currently only log denies and dont want to turn on any higher logging b/c of the performance hit. So I was hoping to find a way to only log on one specific rule in the outside_inbound access-list...

I know I can setup a capture command with one specific rule for the inbound traffic in question, but is there a way to get that captured data to a syslog server ?

Any help would be appreciated..

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sbaddipudi Wed, 11/21/2007 - 10:17
User Badges:

If that doesn't work, you may need one more step to it. Change the logging level.


So i tried the logging option by itself and that doesnt work. Then I bumped up global logging to level 6 (informational) and that seemed to generate the message when the traffic matched the statement. However b/c I have bumped the logging to 6 I know have a ton more syslogs generated for all other traffic flowing thru the firewall which is what i was trying to avoid.

Is there a better way ??




This Discussion