
CSM and MARS syslog

Hi, I have CSM 3.3.1 and MARS; all devices' syslogs are pointing to them.

I want to see live syslog messages, just like what Kiwi does. Is this applicable? How?


Hi there,

Any reply?


Hi Alkabeer,

You can view real-time syslog via ASDM (for PIX, ASA, or FWSM in the Security Manager device inventory).

In an ASDM device manager launched from Security Manager, you can monitor system log messages in the Real-time Log Viewer window and the Log Buffer window. You can select a syslog message displayed in either window and navigate to the access-control rule in Security Manager that triggered the message, where you can update the rule as necessary.

The Real-time Log Viewer is a separate window that lets you view syslog messages as they are logged. The separate Log Buffer window lets you view messages present in the syslog buffer.

For IOS router syslog, you can use SDM.

In an SDM device manager launched from Security Manager, you can view a log of events categorized by security level under the Syslog tab of the Logging window. You can select a syslog message and navigate to the access-control rule in Security Manager that triggered the message, where you can update the rule as necessary.

The Monitor > Logging option in SDM offers four log tabs; Syslog is the only one of these offering the Security Manager access-rule look-up option. The router contains a log of events categorized by severity level. The Syslog tab displays the router log, even if log messages are being forwarded to a syslog server.

And in CS-MARS, you can generate reports to see devices' syslogs.


Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)

For CS-MARS,

Go to Query, change the Query Type to: Event Raw Messages ranked by Time, Real Time(raw events)

Then click on the "DEVICE" (which is default ANY) and select your ROUTER there.

Then click 'Submit'

Please rate if helpful.


Regards, Gurpreet S Puri **************************** Keep Smiling, Peace :) **************************** (Please Rate Helpful Post)

Hi Gurpreet,

I am running MARS ver 6.0. I do not see Query Type to: Event Raw Messages ranked by Time, Real Time(raw events).

Any idea? Or any other way of verifying if any device is sending syslog messages to MARS?
