Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

View All Logs on SA540 Security Appliance


Fri, 07/08/2016 - 16:40
Apr 26th, 2016
User Badges:

Cisco Support Community

Article ID: 2225


View all logs is used to view the system message log contents generated by severity level and facility type.

Applicable Devices

• SA540 Security Appliance

Step-by-Step Procedure

To view all logs on SA500 Series

Step 1. At the security appliance configuration utility, choose Status > View Logs > View All Logs. The View All Logs page opens.

Step 2. Select the appropriate Log Severity level:

• Emergency — This is level 0. Here System is unusable. This is normally broadcast to all processes. Syslog definition is LOG_EMERG.

• Alert — This is level 1. Immediate action needed. Syslog definition is LOG_ALERT.

• Critical — This is level 2. Critical conditions, such as a hard device error. Syslog definition is LOG_CRIT.

Note: If you select Critical, all messages listed under the Critical, Emergency, and Alert categories are logged.

• Error — This is level 3. Error conditions. Syslog definition is LOG_ERR.

• Warning — This is level 4. Warning conditions. Syslog definition is LOG_WARNING.

• Notification — This is level 5. Normal but significant condition. Syslog definition is LOG_NOTICE.

• Information — This is level 6. Informational messages only. Syslog definition is LOG_INFO. A condition that is not an error condition, but that may require special handling.

• Debugging — This is level 7. Debugging messages contains information normally of use only when debugging a program. Syslog definition is LOG_DEBUG. By default, Debugging is selected.

Note: If Critical is selected, all messages listed under the Critical, Error Warning, Notification, Information, and Debugging are displayed. All Emergency and Alert categories will not be displayed in the logs.

Step 3. Select the appropriate Log Facility level:

• All — This displays all facility logs. By default, All is selected.

• Kernel logs — This displays logs that are a part of the kernel code.

• System logs — This displays user-space applications logs such as NTP, Session and DHCP.

• Wireless — This displays logs related to wireless.

• IPS — This displays logs generated by the Intrusion Prevention System (IPS).

• ProtectLink — This displays logs for ProtectLink Gateway and Endpoint services.

• VPN — This displays IKE and SSL VPN related logs.

• Firewall — This displays logs related to firewall rules, attacks, and content filtering.

• Network — This displays routing, DHCP, WAN, LAN and QoS logs.

Step 4. Enter the Source IP address for filtering the firewall logs.

Step 5. Also enter the Destination IP address for filtering the firewall logs.

Note: In steps 4 and 5, wildcard characters such as asterisk (*) and dot (.) are allowed in the source and destination address fields.

Step 6. Click Apply to save your settings.



This Document