08-12-2008 11:52 AM - edited 03-06-2019 12:45 AM
Hello Guys,
Can anybody point me, as how I can achieve following on Router, Switch and FW.
1. Separate logging per context (management and transaction traffic)
2. Can logs for each context be send to a separate syslog server
3. Can logs for each context be sent to a 3rd party by any other means besides syslog server
4. Can logs for shared services (using shared context) be parsed to separate only traffic for a specific client.
Thankyou.
08-12-2008 11:36 PM
Hello Jayesh,
on a FWSM to have separated log files should be enough to configure logging in each context.
We do so.
Configuration can be different in each context so 2) this is possible
example:
FW-RM-TLD066-SF/SOC# sh run | inc log
logging enable
logging buffered debugging
logging host OUTSIDE 10.98.72.67
FW-RM-TLD066-SF/SOC#
3) I don't know but I don't think is possible you can use multiple syslog servers
4) log files can be parsed using scripts to filter them
Hope to help
Giuseppe
08-13-2008 09:25 PM
Hi, Giuseppe,
Thank you for the response. Would you know if system log message would include the context name in the message format?
-Jayesh
08-13-2008 11:48 PM
Hello Jayesh,
in our case there are separeted log files for each context and inside evey line contains an ip address that should be context-specific.
file names are FWSM_hostname-context_name
example:
FW-SF-TLD066-Applic.txt
where FW-SF-TLD066 id FSWM hostanme and Applic is a truncated version of context name
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: