How to Configuring Cisco PIX to Use a Syslog Server

Aug 22

How to Configuring Cisco PIX to Use a Syslog Server

125 views

Most Cisco devices use the syslog protocol to manage system logs and alerts. But unlike their PC and server counterparts, Cisco devices lack large internal storage space for storing these logs. To overcome this limitation, Cisco devices offer the following two options:

* Internal buffer— The device’s operating system allocates a small part of memory buffers to log the most recent messages. The buffer size is limited to few kilobytes. This option is enabled by default. However, when the device reboots, these syslog messages are lost.
* Syslog— Use a UNIX-style SYSLOG protocol to send messages to an external device for storing. The storage size does not depend on the router’s resources and is limited only by the available disk space on the external syslog server. This option is not enabled by default.

Proactive monitoring of firewall logs is an integral part of a Netadmin’s duties. The firewall syslogs are useful for forensics, network troubleshooting, security evaluation, worm and virus attack mitigation, and so on. The configuration steps for enabling syslog messaging on a PIX are conceptually similar to those for IOS- or CatOS-based devices. To configure a Cisco PIX Firewall with PIX OS 4.4 and above,
Table 4-13. PIX Configuration for Syslog

Step Command

1 Pixfirewall# config terminal
2 Pixfirewall(config)#logging timestamp
3 Pixfirewall(config)#logging hostinterface connected to syslog server] ip_address [protocol / port] [
4 Pixfirewall(config)#logging facilityfacility
5 pixfirewall(config)#logging trap level
6 pixfirewall(config)#logging on
7 pixfirewall(config)#no logging message
8 pixfirewall(config)#exit

Example 4-14 prepares the Cisco PIX Firewall to send syslog messages at facility local5 and severity debug and below to the syslog server. The Netadmin does not want the PIX to log message 111005. The syslog server has an IP address of 192.168.0.30
Example 4-14. Configuring a Cisco PIX Firewall for Syslog

Firewall-Dallas#
Firewall-Dallas# config terminal
Firewall-Dallas(config)# loggin time
Firewall-Dallas(config)# logging host 192.168.0.30
Firewall-Dallas(config)# logging facility 21
Firewall-Dallas(config)# logging trap 7
Firewall-Dallas(config)# logging on
Firewall-Dallas(config)# no logging message 111005
rewall-Dallas(config)# exit
Firewall-Dallas# show logging
Syslog logging: enabled
Facility: 21
Timestamp logging: enabled
Standby logging: disabled
Console logging: disabled
Monitor logging: disabled
Buffer logging: disabled
Trap logging: level debugging, 6 messages logged
Logging to inside 192.168.0.30
History logging: disabled
Device ID: disabled

Tags:attack, attackers, attacks, cisco, command, config, configuration, configure, connection, Debugging, enable, firewall, hosts, kilobyte, kilobytes, logs, memory, network, networking, pix, port, ports, protocol, router, secure, Security, server, servers, system, systems, table, traps, troubleshoot

Bookmark This

Liked this article? To continue getting our latest free Howtos and Tutorials,
you can also grab the RSS feed or Subscribe to Techgurulive by Email

Not Getting

Related posts
How to configure PIX/ASA Security Appliance 7.x with syslog
How To Forward Syslog Messages To Zenoss
Cisco PIX Logging: Debugging to Emergency
How To Configure a Syslog Server
How to configure logging in Cisco IOS
How to enable and Configure Spanning Tree Portfast in Cisco Catalyst switch
How to enable and configure DHCP server on Cisco Routers and switches
How to Send Snort logs to a remote log server
How to Load a new Cisco PIX software image from a TFTP server
How to Install Cisco AnyConnect Client and Configuring the Security Appliance with ASDM

Comments are closed.

This Howtos posted under" Cisco, Security

How to Configuring Cisco PIX to Use a Syslog Server

Find Free Howtos and tutorials on apache, Linux, windows, php, Networking, MySQL, Cisco, open source, Nas, Virtualization, voip, vpn, email,send mail, lamp, security, SEO, squid, Anti virus, Backup, Database and many more

Translator

By N2H

Recent Searches

how to install mysql on linux

pfsense

openvpn windows

trixbox

trixbox

Squid proxy server in Ubuntu

not in the sudoers file

configure zimbra

Popular Searches

stop and restart websense

CONFIGURE ZIMBRA

disable IP forwarding

ubuntu virtual host

how to copy files in linux

setting up snmpd.conf

trixbox

set up time server linux

To continue getting our latest Howtos, Tutorial
Enter your email address:
Delivered by FeedBurner

Most Viewed

How to Add Static route in Windows XP/2000/Vista - 4,041 views
How to Configure Routing and Remote Access Service in Windows Server 2003 - 3,022 views
How to test UDP Connectivity - 3,005 views
How to install and Configure Smoothwall Express 3 Firewall - 2,971 views
How To Install PHPMyAdmin on Fedora 9 - 2,600 views
How to Install and Configure pfSense - A free, open source firewall and router - 2,520 views
How To Install FreeNas - 2,505 views
How to enable ActiveX Controls in Internet Explorer? - 1,970 views
How to Install RoundCube WebMail - 1,760 views
How to install dimdim on ubuntu linux - 1,740 views

Recent Forum Posts

"Who knows where to download XRumer 5.0 Palladium?" by CocoChanels on July 2, 2009 at 4:28 pm in Promote Websites

"Want to download XRumer 5.0 for free!" by MagicOPromotion on May 3, 2009 at 10:03 am in Promote Websites

"How to See MAC Addresses" by gishore on April 12, 2009 at 10:10 pm in Reference Material

"How to Configure IP Forwarding in Linux" by gishore on April 12, 2009 at 10:07 pm in Reference Material

"How to Add Permanent Static Routes" by gishore on April 12, 2009 at 10:06 pm in Reference Material

"How to Add Temporary Static Routes" by gishore on April 12, 2009 at 10:05 pm in Reference Material

"How to Determining Your IP Address" by gishore on April 12, 2009 at 10:03 pm in Reference Material

"How to Activate/Shut Down Your NIC" by gishore on April 12, 2009 at 10:01 pm in Reference Material

More »
Login

Username:

Password:

Remember me

Register

Lost your password?

Spam Blocked

11,521 spam comments

blocked by
Akismet

Recent Posts

How to Add a permanent static route to Mac OS X

How to measure network throughput on Linux machines

How to Change timestamp in nagios logfiles to readable dates

How to Configure cron jobs on Windows -Drupal

How to Backup And Restore Email In Gmail Account Easily

How to Set Gmail as Firefox Default Email Client

How to retrieve Yahoo Mail using email programs such as Microsoft Outlook, Eudora, Outlook Express, etc

How to Delay Sending of Email Message in Microsoft Outlook

How to Create a limited user account on a Cisco Pix Firewall

How to Send an Email (Mail Message) from Linux Command Line Shell

Hot Search : ubuntu linux suselinux mandriva linux cisco vpn vista cisco asa cisco adler cisco vpn router cisco vpn client cisco switch cisco vpn client vista vista vpn vista cisco vpn cisco vpn ubuntu cisco asa vpn cisco anyconnect vpn iphone ubuntu vpn openvpn open source wiki open source mac open source dvd open source windows windows vista windows live msn windows live messenger windows live openvpn windows ubuntu apache apache php apache 2.2 php ajax joomla mysql php mysql vista backup backup iphone backup windows windows 2008 clustering sql 2005 clustering

About Us | Contact Us | Privacy Policy | Forums | Sitemap | Directory | Friends|Copyright © 2008 - 2009 Techgurulive