Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Ciscoworks Syslog server

Hi there,

Is it possible to log the syslog of the 3rd party devices like checkpoint in ciscoworks LMS2.5. If so how can I view the log from ciscowork console. Since syslog send the logs visa UDP 514 I am sure my checkpoint is sending the logs. But I am not how to look into those logs. Can anyone pls help me in this regards.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Ciscoworks Syslog server

The problem is that the checkpoint device is not a supported device in CiscoWorks. Even if you had snmp access to the fw, CW will not recognize this device and will not manage it.

So RME will report these syslog messages as invalid and will not run reports on them.

5 REPLIES
Cisco Employee

Re: Ciscoworks Syslog server

you can point the log to the CiscoWorks server, but the messages will only make it to the syslog.log or syslog_info file. As its not a managed device it won't appear in any of the GUI reports for LMS.

Also, if you are planning on logging a checkpoint to these log file be careful that it doesn't send too many messages. CiscoWorks RME will try to process all messages in the log file to see if they are managed messages and if there are too many it can cause problems.

Community Member

Re: Ciscoworks Syslog server

ok, I have the same question and is partly answered here.

So to get it to work I would need to make a checkpoint machine a managed device in ciscoworks. For that I need snmp access from ciscoworks to the firewall. That can be done via the systemedge agent we have on them.

So would it work then in theory right?

Anybody tried?

Cisco Employee

Re: Ciscoworks Syslog server

The problem is that the checkpoint device is not a supported device in CiscoWorks. Even if you had snmp access to the fw, CW will not recognize this device and will not manage it.

So RME will report these syslog messages as invalid and will not run reports on them.

Community Member

Re: Ciscoworks Syslog server

Hi,

To my understanding and the senario I faced it is not possible to call ciscoworks server to manage checkpoint device since it is not part of ciscoworks database device list.

So what I did is I used fedora syslog server and enable remote ( r) login and in checkpoint I point to the federoa syslog server IP address. It started login in boot.log file for your information in fedora.

cheers,

Community Member

Re: Ciscoworks Syslog server

Hi,

but dit you try to make it part of the ciscoworks database? In the past I managed to add windows servers in the database by entering their snmp strings.

I rather have less management applications then more.

689
Views
26
Helpful
5
Replies
CreatePlease to create content