Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASDM IP NAMES appearing in log instead of IP Addresses

Hello,

I'm rather new to Cisco security technology. I've configured a PIX 525 through the ASDM interface and its working fine. The only problem I've got is that the SYSLOG is not showing me the IP addresses but the IP Names I have created through ASDM. Is there any way to disable viewing of logical IP Names ? Filtering functions on the logs are not running properly now. Thank you!

2 REPLIES
Silver

Re: ASDM IP NAMES appearing in log instead of IP Addresses

It is very simple. Are you running SYSLOG

on Linux/Unix?

If you're running syslog on Linux, go into

the file /etc/sysconfig/syslog and modify the

following configurtion:

# Options to syslogd

# -m 0 disables 'MARK' messages.

# -r enables logging from remote machines

# -x disables DNS lookups on messages recieved with -r

# See syslogd(8) for more details

SYSLOGD_OPTIONS="-m 0 -r -x"

# Options to klogd

# -2 prints all kernel oops messages twice; once for klogd to decode, and

# once for processing with 'ksymoops'

# -x disables all klogd processing of oops messages entirely

# See klogd(8) for more details

KLOGD_OPTIONS="-x"

restart your syslog with "service syslog restart". Now you will see IP addresses:

Apr 11 12:22:30 192.168.0.3 2950292: .Apr 11 14:31:40: %SEC-6-IPACCESSLOGP: list 190 permitted udp 10.250.97.28(0) -> 192.168.0.2(0), 1 packet

Apr 11 12:22:31 192.168.0.3 2950293: .Apr 11 14:31:41: %SEC-6-IPACCESSLOGP: list 190 permitted udp 10.250.97.9(0) -> 128.18.100.39(0), 1 packet

Apr 11 12:22:33 192.168.0.3 2950294: .Apr 11 14:31:43: %SEC-6-IPACCESSLOGP: list black_hole permitted udp 10.7.32.1(67) -> 255.255.255.255(68), 1 packet

Easy right?

CCIE Security

New Member

Re: ASDM IP NAMES appearing in log instead of IP Addresses

Hi,

No, I'm using Cisco MARS. I don't want my PIX to reverse lookup the IP addresses whenever it logs (level=informational). The log does not contain DNS resolvable names, but the IP Names associated within the ASDM.

Thanks.

113
Views
0
Helpful
2
Replies