04-24-2009 07:46 AM - edited 03-11-2019 08:23 AM
All,
I have a TON of traffic that's being logged to my syslog server from an ASA that's not even in production yet. Is there a way that I can keep these messages from being logged? The message code is the standard deny message that I need to log. Here's an example:
Deny udp src INSIDE:GO-VMWARE6/7013 dst identity:239.0.7.7/7013 by access-group "INSIDE" [0x0, 0x0]
Any ideas? These are constant, and I've had about 5000 (just what I tailed out of the log) in the last couple of hours.
Thanks,
John
Solved! Go to Solution.
04-24-2009 07:51 AM
04-24-2009 07:51 AM
04-24-2009 07:52 AM
R u running multicast on your network?
04-24-2009 08:13 AM
What I ended up doing, since the ASA was denying the traffic anyway, was create a deny statement in my acl and then disabling logging to the 229.0.0.0/16 destination. Works well, and now I have to find out why these two servers are multicasting traffic.
Thanks!
John
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: