42-8
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 42 Monitoring the Security Appliance
Configuring and Managing Logs
specify UDP, the security appliance continues to send logs regardless of whether the syslog server is
operational. The port argument specifies the port that the syslog server listens to for system log
messages. Valid port values are 1025 through 65535, for either protocol. The default UDP port is 514.
The default TCP port is 1470.
For example:
hostname(config)# logging host dmz1 192.168.1.5
If you want to designate more than one syslog server as an output destination, enter a new command for
each syslog server.
Step 2 To specify which system log messages should be sent to the syslog server, enter the following command:
hostname(config)# logging trap {severity_level | message_list}
Where the severity_level argument specifies the severity levels of messages to be sent to the syslog
server. You can specify the severity level number (0 through 7) or name. For severity level names, see
the “Severity Levels” section on page 42-23. For example, if you set the level to 3, then the security
appliance sends system log messages for level 3, 2, 1, and 0.
The message_list argumentspecifies a customized message list that identifies the system log messages
to send to the syslog server. For information about creating custom message lists, see the “Filtering
System Log Messages with Custom Message Lists” section on page 42-17.
The following example specifies that the security appliance should send to the syslog server all system
log messages with a severity level of level 3 (errors) and higher. The security appliance will send
messages with the severity of 3, 2, and 1.
hostname(config)# logging trap errors
Step 3 (Optional) If needed, set the logging facility to a value other than its default of 20 by entering the
following command:
hostname(config)# logging facility number
Most UNIX systems expect the system log messages to arrive at facility 20.
Sending System Log Messages to the Console Port
This section describes how to configure the security appliance to send logs to the console port.
Note To start logging to the console port as defined in this procedure, be sure to enable logging for all output
locations. See the “Enabling Logging to All Configured Output Destinations” section on page 42-6. To
disable logging, see the “Disabling Logging to All Configured Output Destinations” section on
page 42-6.
To specify which system log messages should be sent to the console port , enter the following command:
hostname(config)# logging console {severity_level | message_list}
Where the severity_level argument specifies the severity levels of messages to be sent to the console port.
You can specify the severity level number (0 through 7) or name. For severity level names, see the
“Severity Levels” section on page 42-23. For example, if you set the level to 3, then the security
appliance sends system log messages for level 3, 2, 1, and 0.
To Next Page
Loading...
Need help?
General