05-26-2011 08:21 AM - edited 03-11-2019 01:38 PM
Hello Cognizants, Greetings
I have a question, How is it possible to reduce unnecessary logs in syslog servers, I want to see/concentrate only logs which are critical and above level 7?
I am discussing about taking consideration of ASA/PIX Firewall, IDS,IPS, Router and Switches in enterprise environment
hope everyone share their experience, expertise and advices for this topic
- JD
Solved! Go to Solution.
05-27-2011 04:59 AM
Jigar,
I use ASA5500 IOS 8.0(4).
Once I know the log message number I want to omit, I use this CLI command in the config:
:
no logging message (message #)
:
Here is a public reference to ASA logging:
http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=3
:
Hope this helps
Frank
05-26-2011 10:02 AM
Hi Jigar,
There are different types of logging levels that you can enable on the ASA, here they are as follows:
http://www.cisco.com/en/US/partner/docs/security/asa/asa83/system/message/logsevp.html
Refer to this guide as well:
This is going to be really beneficial for you.
Thanks,
Varun
05-26-2011 12:37 PM
I am logged in with my CCO account. Both links seem to be blocked by Cisco's FORBIDDEN message.
Do you have any links for blocking syslog messages that don't require "employee" status??
Tks
Frank
05-26-2011 12:45 PM
You may want to consider logging lists, which gives more control over the logs:
05-27-2011 04:59 AM
Jigar,
I use ASA5500 IOS 8.0(4).
Once I know the log message number I want to omit, I use this CLI command in the config:
:
no logging message (message #)
:
Here is a public reference to ASA logging:
http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=3
:
Hope this helps
Frank
05-28-2011 10:56 PM
Varun, Antonio, fsebera - Thanks a lot, I will let you
know if more help needed.
HAGD
- JD
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide