12-22-2008 12:38 AM - edited 02-21-2020 03:10 AM
Hi Team,
Is there any way to send specific source and destination based traffic to my syslog server.
i want to monitore only specific traffic going through the firewall.
regards
PVK
12-22-2008 06:51 AM
You can set your logging level, and then selectively tell it not to send certain logs to the syslog server with:
no logging message 31057
The 31057 is the message number that will be in your ASA logs. It will still log the message in the buffer, but it won't trap it to the syslog server.
HTH,
John
*please rate all helpful posts*
12-22-2008 07:17 AM
I mean to say " I want only certain source and destination based logs only" to be logged in syslog server.
12-22-2008 07:20 AM
Okay, you won't be able to do this on the ASA. You'll need to filter results on source and destination on your syslog server. The ASA will log every hit from the logging level that you specify and below. You wouldn't, say, be able to create an ACL to log only hits that match it (although this would be nice).
HTH,
John
*please rate if helpful*
12-23-2008 10:26 PM
Thank John..
You meant to say in PIX/ASA firewall its not possible.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide