Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1439
Views
0
Helpful
2
Replies

ZBF - Audit Trail Logs causes performance degradation

fernandoseidler
Level 1
Level 1

‎02-22-2011 12:50 PM - edited ‎03-11-2019 12:54 PM

i'm using cisco zone based firewall and i'm having a problem with the  audit trail logs. When i activate it, and start a nmap scan to router's  interface, the cpu load goes to around 60-80%. I use a syslog server  too. If a simple nmap does this, the whole network traffic will no crash  the router? Is this normal?

Labels:
0 Helpful
2 Replies 2

mirober2
Cisco Employee
Cisco Employee

‎02-22-2011 12:59 PM

Hi Fernando,

What is a normal CPU level for this device (i.e. what is the CPU usage when the audit trail is disabled)? You mention you are logging to a syslog server as well. If you disable that temporarily do you still see the high CPU?

It would probably be best to open a TAC case for this issue so the cause for the high CPU can be identified.

-Mike

0 Helpful

fernandoseidler
Level 1
Level 1
In response to mirober2

‎02-22-2011 01:28 PM

Hi Mike

Thanks for the prompt answer.

The normal CPU Level (with the audit logs disabled) is 10-30%. If a enable the logs the CPU utilization goes to 70%. Syslog don't make difference, even with the syslog disabled the CPU load is high.

Fernando

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card