cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
595
Views
0
Helpful
3
Replies

SNMP Traps

normanzhang
Level 1
Level 1

On PIX 7.2(4), I configured SNMP and Syslog on separate server.

snmp-server host inside 10.1.1.1

snmp-server enable traps snmp authentication linkup linkdown coldstart

snmp-server enable traps syslog

logging enable

logging timestamp

logging standby

logging asdm-buffer-size 512

logging console alerts

logging monitor notifications

logging buffered debugging

logging trap notifications

logging history informational

logging asdm debugging

logging facility 16

logging host inside 10.1.1.2

However 10.1.1.1 also picking up syslog traps (e.g., TCP tear-down, ..., etc).

http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logconf.html#wp1104110

indicate I need to change logging history <level>, but that would also impact syslog. What's best way to go about this?

1 Accepted Solution

Accepted Solutions

Richard Burts
Hall of Fame
Hall of Fame

Norman

Actually changing the logging history does not impact syslog logging. It is not intiutivly obvious but the logging history command does not change the syslog logging levels but does control the level of syslog message sent as an SNMP trap.

Your post seems to indicate that you were not expecting 10.1.1.1 to pick up syslog messages. But the command snmp-server enable traps syslog instructs the PIX to send syslog messages formatted as snmp traps. You use the logging history to control the level of syslog messages to send - which allows you to control the minimum syslog message level to the snmp server separate from what you send to the syslog server.

HTH

Rick

HTH

Rick

View solution in original post

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Norman

Actually changing the logging history does not impact syslog logging. It is not intiutivly obvious but the logging history command does not change the syslog logging levels but does control the level of syslog message sent as an SNMP trap.

Your post seems to indicate that you were not expecting 10.1.1.1 to pick up syslog messages. But the command snmp-server enable traps syslog instructs the PIX to send syslog messages formatted as snmp traps. You use the logging history to control the level of syslog messages to send - which allows you to control the minimum syslog message level to the snmp server separate from what you send to the syslog server.

HTH

Rick

HTH

Rick

i will do

no snmp-server enable traps syslog

to stop syslog being sent as snmp traps.

Norman

Yes that should stop sending syslog messages as SNMP traps.

I am glad that my response was helpful. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that there were responses that led to a solution.

The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: