Re: unable to chage syslog in PIX

bberry · ‎10-25-2004

I have a strange problem. I am trying to get my PIX to syslog to its own file. I have configured my syslog server the same as for my routers. Local# goes to s specific log file and added the necessary logging commands to the PIX. Just to make sure things are running I also have a *.info log defined. My pix is sending messages to the *.info file fine but is sending nothing to my local# file. doI need to reset the PIX if I add/change the logging commands? I have attached my syslog.conf and my logging commands. Is there somethng else I am missing? I have reloaded the syslog server.

jeff.carr · ‎10-27-2004

I would first verify that the PIX is sending the syslog information by using 'show logging'. Here is my output...

Syslog logging: enabled

Facility: 20

Timestamp logging: enabled

Standby logging: disabled

Console logging: disabled

Monitor logging: disabled

Buffer logging: level warnings, 16351665 messages logged

Trap logging: level informational, 224564590 messages logged

Logging to inside 192.168.111.50

History logging: level informational, 224564590 messages logged

Looks like the PIX logging config is correct. I would troubleshoot your /var/log/pix.log file. Could be a permissions issue.

hoangbp · ‎10-28-2004

Hi there:

I believe the reason that the syslog messages from your PIX didn't go into its own file /var/log/pix.log was because your setting for facility is incorrect.

For informational, I believe the logging facility is 21.

Try changing your logging facillity statement to

" logging facility 21"

Please refer to the following document on CCO for more info about syslogging with PIXes.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094030.shtml

I hope this helps.

Sincerely,

Binh

bberry · ‎10-28-2004

It was the facility that I had selected. i was using the standard local1-5 type facility not the facilities the PIX required.

Thanks for the assistance.