Basic Syslog
Note: Use the Command Lookup Tool (registered customers only) in order to obtain more information on the commands used in this section.
Use these commands to enable logging, view logs, and view configuration settings.
logging enable—Enables the transmission of syslog messages to all output locations.
no logging enable—Disables logging to all output locations.
show logging—Lists the contents of the syslog buffer and the current logging configuration.
PIX can send syslog messages to various destinations. Use the commands in these sections to specify the location to which messages should be sent:
Internal Buffer
logging buffered severity_level
External software or hardware is not required when you store the syslog messages in the PIX internal buffer. Use the show logging to view the stored syslog messages.
Syslog Message Server
logging host interface_name ip_address [tcp[/port] | udp[/port]] [format emblem]
logging trap severity_level
logging facility number
A server that runs a syslog application is required in order to send syslog messages to an external host. PIX sends syslog on UDP port 514 by default.
E-mail Address
logging mail severity_level
logging recipient-address email_address
logging from-address email_address
smtp-server ip_address
An SMTP server is required when you send the syslog messages in e-mails. Correct configuration on the SMTP server is necessary in order to ensure that you can successfully relay e-mails from the PIX to the specified e-mail client.
Console
logging console severity_level
Console logging enables syslog messages to display on the PIX console (tty) as they occur. Use this command when you debug problems or when there is minimal load on the network. Do not use this command when the network is busy as it can degrade performance.
Telnet/SSH Session
logging monitor severity_level
terminal monitor
Logging monitor enables syslog messages to display as they occur when you access the PIX console with Telnet or SSH.
ASDM
logging asdm severity_level
ASDM also has a buffer that can be used to store syslog messages. Use the show logging asdm command in order to display the content of the ASDM syslog buffer.
SNMP Management Station
logging history severity_level
snmp-server host [if_name] ip_addr
snmp-server location text
snmp-server contact text
snmp-server community key
snmp-server enable traps
Users need an existing functional Simple Network Management Protocol (SNMP) environment in order to send syslog messages using SNMP.
Refer to Commands for Setting and Managing Output Destinations for a complete reference on the commands you can use to set and manage output destinations
Refer to Messages Listed by Severity Level for messages listed by severity level.
Example 1
This output shows a sample configuration for logging into the console with the severity level of debugging.
logging enable
logging buffered debugging
This is sample output.
%PIX|ASA-6-308001: console enable password incorrect for number tries (from 10.1.1.15)
No comments:
Post a Comment