cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
537
Views
0
Helpful
3
Replies

Rate Limits on Syslog

martincheung
Level 1
Level 1

Hi all

My syslog is being hammered by a lot of useless junk. is the way to deal with this through rate limits? If so what is a sensible number of messages and interval to set?

Thanks

3 Replies 3

Farrukh Haroon
VIP Alumni
VIP Alumni

A better option would be to turn of logging for unwanted syslog messages e.g.

no logging message

Or use logging lists/classes:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#as

Regards

Farrukh

I'd like to log unsuccessful attempts but only once.

So for example I only want one entry for someone trying to ping me rather than every single packet.

Turning off a specific message seems to be global which I'd rather not do if I can avoid it.

Any ideas?

I don't think you can do this on the ASA. You could perhaps send this information to a specialized syslog analyzer (like MARS,manage engine, Sawmill) and then run custom queries/reports.

Regards

Farrukh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: