[logs] Cisco PIX Logs - Rule Change
Brian Ford (brford)
brford at cisco.com
Fri Aug 3 13:36:47 PDT 2007
Saudi,
A trick that you may want to investigate and use is the PIX/ASA
capability of being able to change the log level of specific messages.
The PIX / ASA does not use log level 0 at all. If there are specific
messages that you want to see you can change just those messages log
level to 0 (zero) and leave the PIX /ASA log setting at what ever you
had before (i.e. do not raise t to level 6). The messages still appear
in the log with their message ID as per the documentation but the level
is changed.
Liberty,
Brian
QUOTE
>>> "saudi sans" <saudisans at gmail.com> 08/02/07 11:13 PM >>>
Does Cisco PIX 6.3 generate a log when a rule[ACL] is changed. If yes
does it contain which ACL was changed etc.
I have enabled logging level 6 [ Informational]
We want to track all changes in rules via monitoring PIX logs?
UNQUOTE
Brian Ford
Consulting Engineer
Cisco Systems, Inc.
http://www.cisco.com <http://www.cisco.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.loganalysis.org/pipermail/loganalysis/attachments/20070803/97b3d654/attachment.html
More information about the LogAnalysis
mailing list