Configure Secure Connection With Audit Server And Aaa Server; Configure Syslog Via Cli - Cisco Firepower 4110 Preparative Procedures & Operational User Manual

Cisco Preparative Procedures & Operational User Guide

4.4 Configure Secure Connection with Audit Server and AAA Server

System logging is a method of collecting messages from devices to a server running a syslog daemon.
Logging to a central syslog server helps in aggregation of logs and alerts. By default, a syslog service
accepts messages and stores them in the local files, or prints them according to a simple configuration
file. This form of logging provides protected long-term storage for logs. Logs are useful both in routine
troubleshooting and in incident handling. The syslog events are set to the local store and syslog server
simultaneously, if external syslog server is configured. In the evaluation configuration, syslog traffic
must be sent to the syslog server over IPsec.
To view the local syslog messages,
Firepower-chassis# connect fxos
Firepower-chassis# show logging logfile

4.4.1 Configure Syslog via CLI

1) Enter monitoring mode:
Firepower-chassis# scope monitoring
2) Enable or disable the sending of syslogs to the console:
Firepower-chassis /monitoring # {enable | disable} syslog console
3) Optional) Select the lowest message level that you want displayed. If syslogs are enabled, the
system displays that level and above on the console. The level options are listed in order of
decreasing urgency. The default level is Critical.
Firepower-chassis /monitoring # set syslog console level {emergencies |
alerts | critical}
4) Enable or disable the monitoring of syslog information by the operating system:
Firepower-chassis /monitoring # {enable | disable} syslog monitor
5) (Optional) Select the lowest message level that you want displayed. If the monitor state is
enabled, the system displays that level and above. The level options are listed in order of
decreasing urgency. The default level is Critical.
Firepower-chassis /monitoring # set syslog monitor level {emergencies |
alerts | critical | errors | warnings | notifications | information |
debugging}
NOTE! Messages at levels below Critical are displayed on the terminal monitor only if
you have entered the
6) Enable or disable the writing of syslog information to a syslog file:
Firepower-chassis /monitoring # {enable | disable} syslog file
© 2016 Cisco Systems, Inc. All rights reserved.
terminal monitor
command.