Configuring Log Output Destinations; Sending System Log Messages To A Syslog Server; Sending System Log Messages To The Console Port; Sending System Log Messages To An E-Mail Address - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 42
Monitoring the Security Appliance
Configuring Log Output Destinations
This section describes how to specify where the adaptive security appliance should save or send the log
messages that are generated and includes the following topics:
•
•
•
•
•
•
Sending System Log Messages to a Syslog Server
This section describes how to configure the adaptive security appliance to send logs to a syslog server.
Configuring the adaptive security appliance to send logs to a syslog server enables you to archive logs,
limited only by the available disk space on the server, and to manipulate log data after it is saved. For
example, you could specify actions to be executed when certain types of system log messages are logged,
extract data from the log and save the records to another file for reporting, or track statistics using a
site-specific script.
To view logs generated by the adaptive security appliance, you must specify a log output destination. If
you enable logging without specifying a log output destination, the adaptive security appliance generates
messages, but does not save them to a location from which you can view them.
The syslog server must run a server program called "syslogd." Windows (except for Windows 95 and
Windows 98) provides a syslog server as part of its operating system. For Windows 95 and Windows 98,
you must obtain a syslogd server from another vendor.
Note
To start logging to a syslog server that you define in this procedure, be sure to enable logging for all
output locations. See the
page
section on page
To configure the adaptive security appliance to send system log messages to a syslog server, perform the
following steps:
Step 1
To designate a syslog server to receive the logs, enter the following command:
hostname(config)# logging host interface_name ip_address [tcp[/ port ] | udp[/ port ]]
[format emblem]
Where the format emblem keyword enables EMBLEM format logging for the syslog server (UDP only).
The interface_name argument specifies the interface through which you access the syslog server.
The ip_address argument specifies the IP address of the syslog server.
OL-12172-03
Device ID: 'inside' interface IP address "10.1.1.1"
Mail logging: disabled
ASDM logging: disabled
Sending System Log Messages to a Syslog Server, page 42-7
Sending System Log Messages to the Console Port, page 42-8
Sending System Log Messages to an E-mail Address, page 42-9
Sending System Log Messages to ASDM, page 42-10
Sending System Log Messages to a Telnet or SSH Session, page 42-12
Sending System Log Messages to the Log Buffer, page 42-13
"Enabling Logging to All Configured Output Destinations" section on
42-6. To disable logging, see the
42-6.
"Disabling Logging to All Configured Output Destinations"
Cisco Security Appliance Command Line Configuration Guide
Configuring and Managing Logs
42-7
Advertisement
Table of Contents
Troubleshooting
