×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Ciscoworks Syslog server

Answered Question
Aug 14th, 2006
User Badges:

Hi there,


Is it possible to log the syslog of the 3rd party devices like checkpoint in ciscoworks LMS2.5. If so how can I view the log from ciscowork console. Since syslog send the logs visa UDP 514 I am sure my checkpoint is sending the logs. But I am not how to look into those logs. Can anyone pls help me in this regards.

Correct Answer by David Stanford about 10 years 11 months ago

The problem is that the checkpoint device is not a supported device in CiscoWorks. Even if you had snmp access to the fw, CW will not recognize this device and will not manage it.


So RME will report these syslog messages as invalid and will not run reports on them.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (8 ratings)
Loading.
David Stanford Tue, 08/15/2006 - 05:50
User Badges:
  • Cisco Employee,

you can point the log to the CiscoWorks server, but the messages will only make it to the syslog.log or syslog_info file. As its not a managed device it won't appear in any of the GUI reports for LMS.


Also, if you are planning on logging a checkpoint to these log file be careful that it doesn't send too many messages. CiscoWorks RME will try to process all messages in the log file to see if they are managed messages and if there are too many it can cause problems.

hgru Thu, 08/31/2006 - 00:08
User Badges:

ok, I have the same question and is partly answered here.


So to get it to work I would need to make a checkpoint machine a managed device in ciscoworks. For that I need snmp access from ciscoworks to the firewall. That can be done via the systemedge agent we have on them.


So would it work then in theory right?

Anybody tried?



Correct Answer
David Stanford Thu, 08/31/2006 - 05:07
User Badges:
  • Cisco Employee,

The problem is that the checkpoint device is not a supported device in CiscoWorks. Even if you had snmp access to the fw, CW will not recognize this device and will not manage it.


So RME will report these syslog messages as invalid and will not run reports on them.



sivakumar.ks Thu, 08/31/2006 - 17:35
User Badges:

Hi,


To my understanding and the senario I faced it is not possible to call ciscoworks server to manage checkpoint device since it is not part of ciscoworks database device list.


So what I did is I used fedora syslog server and enable remote ( r) login and in checkpoint I point to the federoa syslog server IP address. It started login in boot.log file for your information in fedora.


cheers,

hgru Thu, 08/31/2006 - 22:44
User Badges:

Hi,


but dit you try to make it part of the ciscoworks database? In the past I managed to add windows servers in the database by entering their snmp strings.


I rather have less management applications then more.

Actions

This Discussion