09-28-2008 09:45 PM - edited 02-21-2020 03:01 AM
scenario;
i have some 6 FWSM's in separate 6x6500 core switches..
requirement;
i need to log messages on my ACE "permit ip any any log" with separate filenames on a syslog server. how would my syslog config looks like.
09-29-2008 12:44 AM
You would need to configure your requirement on your syslog server.
If you run syslog-ng on Linux, your config would look like:-
destination d_switch { file("syslog-ng/switches/$HOST/$PRIORITY.$DAY-$MONTH-$YEAR.log"); };
HTH>
09-29-2008 10:39 AM
sorry for not being so clear...
what i mean is the config on the FWSM
09-29-2008 10:45 AM
The platform makes no differnce, the fact it you configure the FWSM to send the syslogs to another device = syslog server.
In the syslog server you configure what you need.
You cannot tell the fwsm that you want the remote files to be saved in a particular format or with a specific name.....it just sends the syslog.
HTH>
09-29-2008 11:14 PM
so how could we distinguish the logs from different fwsm
09-30-2008 12:31 AM
As previosuly posted - you need to configure the syslog server to filter and write the files according to your requirements.
HTH>
10-04-2008 01:58 AM
i know that we have tp do simething on the syslog server.. what iam asking is the fwsm configuration.
10-04-2008 04:03 AM
read the below config guide:-
http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/monitr_f.html#wp1098912
HTH>
10-04-2008 11:01 AM
Hi,
I found the solution, though not exactly but the idea is there..see the below thread
10-05-2008 12:23 AM
Yes - you can configure your nework devices to use "differenet" facility numbers, so your syslog server knows which device type is sending the syslog. it facility 17 is a firewall, facility 10 is a router.
BUT you STILL have to configure your syslog server to log the information by device name/ip address etc.
This cannot be done in the network device.
HTH>
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide