04-24-2009 07:46 AM - edited 03-11-2019 08:23 AM
All,
I have a TON of traffic that's being logged to my syslog server from an ASA that's not even in production yet. Is there a way that I can keep these messages from being logged? The message code is the standard deny message that I need to log. Here's an example:
Deny udp src INSIDE:GO-VMWARE6/7013 dst identity:239.0.7.7/7013 by access-group "INSIDE" [0x0, 0x0]
Any ideas? These are constant, and I've had about 5000 (just what I tailed out of the log) in the last couple of hours.
Thanks,
John
Solved! Go to Solution.
04-24-2009 07:51 AM
04-24-2009 07:51 AM
04-24-2009 07:52 AM
R u running multicast on your network?
04-24-2009 08:13 AM
What I ended up doing, since the ASA was denying the traffic anyway, was create a deny statement in my acl and then disabling logging to the 229.0.0.0/16 destination. Works well, and now I have to find out why these two servers are multicasting traffic.
Thanks!
John
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide