I'm using a Cisco zone-based firewall and I'm having a problem with the audit trail logs. When I activate it and start an nmap scan to the router's interface, the CPU load goes to around 60-80%. I use a syslog server too. If a simple nmap does this, will the whole network traffic not crash the router? Is this normal?
Hi Fernando,
What is a normal CPU level for this device (i.e. what is the CPU usage when the audit trail is disabled)? You mention you are logging to a syslog server as well. If you disable that temporarily do you still see the high CPU?
It would probably be best to open a TAC case for this issue so the cause for the high CPU can be identified.
-Mike
Hi Mike
Thanks for the prompt answer.
The normal CPU level (with the audit logs disabled) is 10-30%. If I enable the logs, the CPU utilization goes to 70%. Syslog doesn't make a difference; even with syslog disabled the CPU load is high.
Fernando