Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX/ASA disable "name" lookup in syslog.

Is it possible to disable "name" lookups for PIX/ASA syslogs?

The PIX/ASAs seem to be converting certain fields in the syslog, from IPs to hostnames that are defined locally on the PIX/ASA.

Is there any way to disable this resolution specifically for syslog's, as it's confusing my SIEM?

I've had a look around but cant find a way to disable this (other than dropping the local hostname definition entirely which will impact rule readibility).

Is there any way to acheive this?

Thanks!

Everyone's tags (3)
1 REPLY

PIX/ASA disable "name" lookup in syslog.

Hello Chris,

The only way would be to disable the local name database configured on the Pix/ASA with the command:

     -No names

But it will affect all the other features that use the name database.

Regards,

Do please rate helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
917
Views
0
Helpful
1
Replies
CreatePlease login to create content