06-19-2007 07:27 PM - edited 03-11-2019 03:32 AM
Hi Forum,
My ASA was configured to send alarm to Syslog server at critical level. How do I trigger an alarm to see if the logging really works at critical level?
Thanks much,
PN
Solved! Go to Solution.
06-19-2007 08:30 PM
enter the following command in config mode:
logging message 111005 level critical
that sets message log 111005 to the critical level. this particular log ID generates a message like the following:
Jun 20 2007 00:27:53: %PIX-5-111005: 192.168.x.y end configuration: OK
that message should be sent to your syslog server
when you're done testing, be sure to enter:
no logging message 111005 level critical
06-19-2007 08:30 PM
enter the following command in config mode:
logging message 111005 level critical
that sets message log 111005 to the critical level. this particular log ID generates a message like the following:
Jun 20 2007 00:27:53: %PIX-5-111005: 192.168.x.y end configuration: OK
that message should be sent to your syslog server
when you're done testing, be sure to enter:
no logging message 111005 level critical
06-19-2007 10:08 PM
Hi Srue,
This is really useful! Actually it is the requirement of the SOX auditor to test whether the logging works. Can this be applied to PIX 515 as well?
Thanks much,
PN
06-19-2007 11:17 PM
Hi Srue,
by entering "logging message 111005 level critical ", will it trigger a message immediately? I can't seems to get any message, but my the configuration has proven working coz it captured some spoofed traffic before.
Thanks much,
PN
06-20-2007 07:09 AM
it should trigger a message imediately in your syslog server..
even by just entering " logging message 111005 " ENTER and see your syslogs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide