Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SYSLOG_PIX

Two questions:

What is the best practice for PIX messages to a syslog server. I have been exporting to a SQL database. However the amount of information is tremendous. What would be the best way to reduce the amount of information, yet get useful info.

Is there a way to configure the PIX to have various levels of priviledge and to monitor what a user has changed in the configuration.

Thank you

2 REPLIES
New Member

Re: SYSLOG_PIX

You can filter out unwanted syslog messages using the no logging message [syslog id #] Or you can change your logging level to reduce your logging. I have found the no logging message command usefull in cases where I am required to log certain messages that I can only get a debug level, and don't want all the other stuff you log at that level.

You can adjust user privileges to assign varius levels either from the command line, or from the Pix device manager. Unless your a typing freak, it's more easily done from PDM.

Config change monitoring is easily done by implementing a radius or tacacs server and AAA, or by buying CW2000 VMS and managing the PIX's with the firewall mc. This would also take care of your syslog management problems at the same time.

New Member

Re: SYSLOG_PIX

Are there ant resources available to determine which log messages should be filtered out. Do you have any recommendations of what to include/exclude?

Thanks in advance

113
Views
0
Helpful
2
Replies
CreatePlease to create content