Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX IDS capabilities

We are using the IDS capabilities built into the pix. I know this is a limited set of signatures but my question is: Is there a way to enable only the 4000xx syslog messages on the PIX so the syslog server only receives those messages without getting all of the other level 4, 3, 2, and 1 messages? I kinow I can use the "no logging message syslog_id" command to disable specific ID's but there are quite a few that I would need to disable in order to only get the IDS signature ID's. Any help would be greatly appreciated.

  • Other Security Subjects
1 REPLY
New Member

Re: PIX IDS capabilities

Unfortunately, no. There is no other way to disable this signature except by excluding them with the "no logging message.." command. If there are 20 signatures that you don't want to see, then you will have 20 "no logging.." statements.

Thanks,

Chris

123
Views
0
Helpful
1
Replies