How can i check deny log for a particular IP in PIX

Answered Question
Oct 27th, 2008

How can i check deny log for a particular IP in PIX?

bit urgent request

thanks to everyone in advance


I have this problem too.
0 votes
Correct Answer by Collin Clark about 7 years 11 months ago

With high traffic flow it's very hard to see.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
vintan1801 Mon, 10/27/2008 - 06:43

as internal buffer size is not very big in PIX- it might not be having it. Is there any other way i can check the deny logs?

Collin Clark Mon, 10/27/2008 - 06:47

You really have two options-

Make the buffer larger (still have a chance of missing it though).

logging buffer 16000

Or send the logs to syslog and review them off the server (preferred method)

logging host [ip address of syslog server]

Hope that helps.

vintan1801 Mon, 10/27/2008 - 06:55

Good option. so it means that definitely i might not be able to see any deny entry for a particular IP (i.e, if the traffic flow is very good on the firewall and buffer size set was to low)??

vintan1801 Mon, 10/27/2008 - 07:08

Thank you for your advice - very informative and quick.appreciate it. if i need to give you rating how can i do?


This Discussion