Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
0
Helpful
1
Replies

Question about CSM (3.1.1)

HWangLoyalty_2
Level 1
Level 1

‎10-02-2008 06:27 AM

a.how to see the logs of firewall? I mean it is from internal buffer. Do we need setup "logging filter" and configure command "snmp-server" on our firewall?

b.How can I see change audit report like LMS? for example, I could find who did this change and what change is? I tried use "change reports", but I did not find anything.

Please give me some advice! Thank you.

Labels:
0 Helpful
1 Reply 1

mchin345
Level 6
Level 6

‎10-08-2008 06:15 AM

Configuring Logging Filters

The Logging Filters page lets you configure a logging destination for event lists (syslog filters) that have been configured using the Event Lists page, or for only the syslog messages that you specify using the Edit Logging Filters page. Syslog messages from specific or all event classes can be selected using the Edit Logging Filters page.

Step 1 Select Platform > Logging > Logging Filters.

The Logging Filters page appears.

Step 2 Do one of the following:

• To add a new filter rule, click the Add Row button.

• To edit the settings defined for a rule, select the check box for the filter rule, then click the Edit Row button.

The Edit Logging Filters dialog box appears.

Step 3 Select the destination for this filter rule in the Logging Destination list.

Step 4 To specify settings that apply to all syslog event classes, do one of the following:

• To specify the highest level of events to log, click the Filter on severity radio button and then select the appropriate level in the list box that becomes editable.

Severity levels are aggregate; they add events to lower severity levels. This list organizes from sparse to detailed in ascending order.

• To specify that you want this device to generate only those events defined in an event list, click the Use event list radio button and then select the appropriate event list in the list box that becomes editable.

• To disable event logging for this security appliance, click the Disable logging radio button.

Step 5 To define custom event levels based on a system-defined event class, select the event class and the associated level of events, and click the >> (Add) button.

The custom event level appears in the list.

Step 6 Repeat Step 5 as needed.

Step 7 Click OK.

The logging filter rule appears in the table.

Step 8 Click Save to save your definitions to the Security Manager server.

Configuring SNMP

Simple Network Management Protocol (SNMP) defines a standard way for network management stations running on PCs or workstations to monitor the health and status of many types of devices, including switches, routers, and the security appliance. You can use the SNMP page to configure a firewall device for monitoring by SNMP management stations.

For further information to configure Logging filter & SNMP server click this link.

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.1/user/guide/pxchap.html#wp1209387

0 Helpful
Customers Also Viewed These Support Documents