Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
593
Views
0
Helpful
1
Replies

Hide information in FWSM syslog messages

Steffen Klemer
Level 1
Level 1

‎03-14-2013 09:48 AM - edited ‎03-11-2019 06:14 PM

Hey,

for privacy reasons I want (or 'have') to shorten the NAT connection buildup and teardown in the syslog of a FWSM to only include source port and source address but not the destination. With a syslog option of "informative" I get

Mar 14 16:37:35 fwsm %FWSM-6-302013: Built outbound TCP connection 145545661512558860 for wlan:10.18.225.222/50729 (xx.yy.38.34/10566) to outside:zz.aa.59.64/80 (bb.cc.59.64/80)

but I more think about

Mar 14 16:37:35 fwsm %FWSM-6-302013: Built outbound TCP connection  145545661512558860 for wlan:10.18.225.222/50729 (xx.yy.38.34/10566)

Is this possible from within the FWSM or do I have to post-process in the syslog server?

Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎03-14-2013 09:54 AM

Hi,

I dont think you can modify the actual FWSM log messages. You can either enable or disable certain log messages from even being sent to the Syslog server but thats about it.

For example TCP/UDP

  • Connection forming
  • Connection teardown
  • Translation forming
  • Translation teardown

All have their own Syslog message ID that you can either disable or enable.

So it would seem to me that you have to use some other "tool" to achieve what you are looking for.

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card