
New Member

Pix 515E - Access-list logging?

Currently running a PIX 515E ver 6.35.

I need to log on a specific permit line in one of my access-lists and have that forwarded to a syslog server. I currently only log denies and don't want to turn on any higher logging b/c of the performance hit. So I was hoping to find a way to only log on one specific rule in the outside_inbound access-list...

I know I can set up a capture command with one specific rule for the inbound traffic in question, but is there a way to get that captured data to a syslog server?

Any help would be appreciated..

4 REPLIES
New Member

Re: Pix 515E - Access-list logging?

Hi

You can add the keyword 'log' to the appropriate access-list line, which will generate a syslog message 106100 for every matching permit or deny, as explained in:

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/ab.html#wp1067755

HTH

Kev

New Member

Re: Pix 515E - Access-list logging?

If that doesn't work, you may need one more step to it. Change the logging level.

Satya

New Member

Re: Pix 515E - Access-list logging?

So I tried the logging option by itself and that doesn't work. Then I bumped up global logging to level 6 (informational) and that seemed to generate the message when the traffic matched the statement. However, b/c I have bumped the logging to 6 I now have a ton more syslogs generated for all other traffic flowing thru the firewall, which is what I was trying to avoid.

Is there a better way ??

Cheers

Dave

New Member

Re: Pix 515E - Access-list logging?

Well it looks like if I set the access-log log setting to 4 it will still generate the required message (matched permit) even if my logging trap is set to 4 as well. So that pretty much gives me what I want.

Thanks for the help

Dave
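
The outcome of the thread as a PIX 6.3 configuration sketch, added here as an example and not taken from any poster's message: the `log` keyword alone emits message 106100 at its default severity 6, which a trap level of 4 filters out, while giving the entry an explicit level of 4 lets that one rule through. The addresses, port and syslog host are constructed (documentation ranges), and the lines beginning with `:` are annotations, not commands.

```text
: Constructed example; addresses are documentation ranges, not from the thread.
: Forward syslog to the server, capped at severity 4 (warnings).
logging on
logging host inside 192.0.2.50
logging trap 4

: Before: log keyword with no level. Message 106100 defaults to severity 6
: (informational), so with the trap at 4 it never reaches the syslog server.
access-list outside_inbound permit tcp any host 203.0.113.10 eq 443 log

: After: message 106100 for this one entry is raised to severity 4, so it
: passes the trap filter while global logging stays at 4. The interval
: (seconds between hit-count summaries per flow) is shown at its default, 300.
access-list outside_inbound permit tcp any host 203.0.113.10 eq 443 log 4 interval 300
```

On the syslog server the matching lines arrive tagged `%PIX-4-106100`, which makes them easy to separate from the existing deny messages.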
