Logging useful PIX information

bsisco
Level 1

Hi everyone.

I am running a PIX 515e w/ version 6.2(2)

I am working on configuring useful syslogging from the system. We have a network management suite to monitor our PIX. Trouble is, even at a logging level of 2 (critical) on the PIX I am getting a bunch of connection-based messages (106001 and 106006) that are clogging up the database. These don't seem like critical messages to me.

At the same time I do not see messages I would expect to see about failover status etc. (and a sh log via ssh connection doesn't show timestamps). Here's the logging config I'm working with.

    logging on
    logging timestamp
    logging standby
    logging buffered warnings
    logging trap critical
    logging history warnings
    logging host inside <syslog1 IP>

Any suggestions/ explanations/ ideas?

Thanks!

4 Replies

rsmith
Level 3

If you do not want to log the connection messages, add a configuration line "no logging message (message number)" where the "message number" would be 106001 or 106006. Change your logging level to 4 or 5 (Warnings or Notifications) and see what shows up. A listing of messages by severity level can be found here:

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a0080441d02.html

Any suggestions about failover notices such as keepalives, etc.? Do they happen at a higher logging level?

Thanks again!

Failover keepalives do not log (as far as I could find). There are some failover messages that do log, but these are only during an "event" such as writing config to the failover unit from the primary, an actual failover event, etc. The link listed before has all the failover messages that could log, and a link to the failover process is provided below. Hope this helps.

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a00800eb72f.html#wp1007451

Patrick Iseli
Level 7

You can change the logging level of these messages to debugging so you will not see them any more on your Syslog server.

Example Teardown messages:

    logging message 302016 level debugging

In your case:

    logging message 106001 level debugging
    logging message 106006 level debugging

Sincerely,

Patrick
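Before re-levelling or disabling message IDs as suggested in the replies above, it helps to measure what the trap level actually forwards. The following Python script is an added example, not part of the original thread: it parses the `%PIX-<severity>-<id>:` tag, counts what a given trap level would send, and prints re-level lines for the dominant IDs. The function names, the 25% threshold and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# PIX syslog tag: %PIX-<severity 0-7>-<six-digit message id>:
PIX_TAG = re.compile(r"%PIX-(?P<sev>[0-7])-(?P<id>\d{6}):")

# Constructed sample lines (documentation address ranges), not captured logs.
SAMPLE = """\
Mar 01 2004 10:00:01: %PIX-2-106001: Inbound TCP connection denied from 198.51.100.7/4312 to 192.0.2.10/445 flags SYN on interface outside
Mar 01 2004 10:00:02: %PIX-2-106001: Inbound TCP connection denied from 198.51.100.7/4313 to 192.0.2.10/139 flags SYN on interface outside
Mar 01 2004 10:00:02: %PIX-2-106006: Deny inbound UDP from 198.51.100.9/1026 to 192.0.2.10/137 on interface outside
Mar 01 2004 10:00:03: %PIX-4-106023: Deny tcp src outside:198.51.100.7/4314 dst inside:192.0.2.10/80 by access-group "acl_out"
Mar 01 2004 10:00:04: %PIX-2-106001: Inbound TCP connection denied from 198.51.100.8/2201 to 192.0.2.10/23 flags SYN on interface outside
Mar 01 2004 10:00:05: %PIX-1-104001: (Primary) Switching to ACTIVE
Mar 01 2004 10:00:06: %PIX-2-106006: Deny inbound UDP from 198.51.100.9/1027 to 192.0.2.10/161 on interface outside
"""


def tally(lines, trap_level):
    """Count (message id, severity) pairs a trap at trap_level would forward.

    A message is forwarded when its severity number is <= the trap level.
    """
    counts = Counter()
    for line in lines:
        m = PIX_TAG.search(line)
        if m and int(m["sev"]) <= trap_level:
            counts[(m["id"], int(m["sev"]))] += 1
    return counts


def noisy(counts, share=0.25):
    """Return (id, severity, count) for IDs making up at least `share` of the total."""
    total = sum(counts.values())
    return [(mid, sev, n) for (mid, sev), n in counts.most_common()
            if total and n / total >= share]


def relevel_commands(ids, level="debugging"):
    """Build the re-level lines in the form quoted in the thread."""
    return [f"logging message {mid} level {level}" for mid in ids]


if __name__ == "__main__":
    forwarded = tally(SAMPLE.splitlines(), trap_level=2)  # 2 = critical
    top = noisy(forwarded)
    for mid, sev, n in top:
        print(f"{mid} (severity {sev}): {n} of {sum(forwarded.values())}")
    # These are deny events: check nothing alerts on them before re-levelling.
    print("\n".join(relevel_commands([mid for mid, _, _ in top])))
```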
