12-06-2006 09:03 AM - edited 03-05-2019 01:12 PM
Does anyone know how to send the denied statistics to a syslog server for a security acl? I am using -- set security acl ip IPACL1 deny tcp any any eq 135 log -- on the switch. When I run -- show security acl log flow tcp any any -- I see entries but they are never sent to my syslog server. I set the syslog server facility to 5. Any suggestions?
12-06-2006 09:49 AM
you should set logging to the appropriate level based on the message...ex)
%SEC-6-IPACCESSLOGP
Set logging to level 6 in this instance
you would also want to enter the command:
logging
Are any other syslog messages making it to the syslog server? If not, then it isn't set to reach the server correctly.
12-06-2006 10:35 AM
Syslog server is getting information about ports connecting and disconnecting.
I set the level to 6 and i will check syslog.
thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: