log one rule

Unanswered Question
May 11th, 2008

when configuring syslog in one PIX firewall, is it possible to send to syslog server only messages related to one access rule?

i don't want to filter by sevirity but by access rule.


thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
1cmerchant Mon, 05/12/2008 - 04:20

In theory I guess you could turn up the logging severity by using a command like 'logging trap emergency' which would then log only the most severe syslog events. Then in the access-list put 'log' at the end of every line and that should get close to what you described.

Actions

This Discussion