Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

PIX501 Syslog everything

Hey all, I am tring to syslog all connections from a pix501 to a linux server, I see lots of connections and denys etc... but for some reason I am not seeing everything.

I can test by doing a telnet to a random port to a server behind the firewall from my home pc, and I do not see it in the syslogs.

I can ping through the firewall and do not see that go through in the logs either.

I am running version 6.3(5)

My logging config is below

logging on

logging trap debugging

logging host inside neteng

(neteng is the linux syslog server and should be using local4)

I have tried to set all the firewall rules to syslog debugging also, and that does not seem to work.

Any suggestions to make this pix firewall just log EVERY CONNECTION?

2 REPLIES
Cisco Employee

Re: PIX501 Syslog everything

I am very sure that you missed those connections in the syslogs.The level of logging setup is debugging and that's the highest on f/w.It includes all the lower level syslogs too.

Try :

logg mon 7

logg on

and see if on a telnet session to f/w,you see all those connections.If you do,then there is an issue with ur syslog server.

Regards,

Sushil

New Member

Re: PIX501 Syslog everything

It must be something on the setting of my syslog server, I new to setting that up.

But I have tried both

local4.* /var/log/pix.log

*.* /var/log/pix.log

The second, to my understanding should send all logs to that file.

Ill try to find some linux sys log server help, something is wrong

Thanks

226
Views
5
Helpful
2
Replies
CreatePlease to create content