10-27-2008 06:30 AM - edited 03-11-2019 07:03 AM
How can i check deny log for a particular IP in PIX?
bit urgent request
thanks to everyone in advance
Vin
Solved! Go to Solution.
10-27-2008 07:00 AM
With high traffic flow it's very hard to see.
View solution in original post
10-27-2008 06:32 AM
Assuming your looking in the log buffer,
show log | i [ip address]
10-27-2008 06:43 AM
as internal buffer size is not very big in PIX- it might not be having it. Is there any other way i can check the deny logs?
10-27-2008 06:47 AM
You really have two options-
Make the buffer larger (still have a chance of missing it though).
logging buffer 16000
Or send the logs to syslog and review them off the server (preferred method)
logging host [ip address of syslog server]
Hope that helps.
10-27-2008 06:55 AM
Good option. so it means that definitely i might not be able to see any deny entry for a particular IP (i.e, if the traffic flow is very good on the firewall and buffer size set was to low)??
10-27-2008 07:08 AM
Thank you for your advice - very informative and quick.appreciate it. if i need to give you rating how can i do?
10-27-2008 07:19 AM
Looks like you already did, thanks for that, we appreciate it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
