On PIX 7.2(4), I configured SNMP and Syslog on separate server.
snmp-server host inside 10.1.1.1
snmp-server enable traps snmp authentication linkup linkdown coldstart
snmp-server enable traps syslog
logging asdm-buffer-size 512
logging console alerts
logging monitor notifications
logging buffered debugging
logging trap notifications
logging history informational
logging asdm debugging
logging facility 16
logging host inside 10.1.1.2
However 10.1.1.1 also picking up syslog traps (e.g., TCP tear-down, ..., etc).
indicate I need to change logging history <level>, but that would also impact syslog. What's best way to go about this?
Actually changing the logging history does not impact syslog logging. It is not intiutivly obvious but the logging history command does not change the syslog logging levels but does control the level of syslog message sent as an SNMP trap.
Your post seems to indicate that you were not expecting 10.1.1.1 to pick up syslog messages. But the command snmp-server enable traps syslog instructs the PIX to send syslog messages formatted as snmp traps. You use the logging history to control the level of syslog messages to send - which allows you to control the minimum syslog message level to the snmp server separate from what you send to the syslog server.