Message Filtering Overview; Filtering Syslog Messages By Class - Cisco 7604 Configuration Manual
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Configuring and Managing Syslog Messages
Message Filtering Overview
You can filter generated syslog messages so that only certain syslog messages are sent to a particular
output destination. For example, you could configure the FWSM to send all syslog messages to one
output destination and also to send a subset of those syslog messages to a different output destination.
Specifically, you can configure the FWSM so that syslog messages are directed to an output destination
according to the following criteria:
•
•
•
You customize these criteria by creating a message list that you can specify when you set the output
destination in the
Alternatively, you can configure the FWSM to send a particular message class to each type of output
destination independently of the message list.
For example, you could configure the FWSM to send to the internal log buffer all syslog messages with
severity levels of 1, 2 and 3, send all syslog messages in the "ha" class to a particular syslog server, or
create a list of messages that you name "high-priority" that are sent to an e-mail address to notify system
administrators of a possible problem.
Filtering Syslog Messages by Class
The syslog message class provides a method of categorizing syslog messages by type, equivalent to a
feature or function of the FWSM. For example, the "auth" class denotes user authentication.
This section includes the following topics:
•
•
Message Class Overview
With logging classes, you can specify an output location for an entire category of syslog messages with
a single command.
You can use syslog message classes in two ways:
•
•
All syslog messages in a particular class share the same initial three digits in their syslog message ID
numbers. For example, all syslog message IDs that begin with the digits 400 are associated with the ids
class. Syslog messages associated with the IDS feature range from 400400 to 400415.
Sending All Messages in a Class to a Specified Output Destination
When you configure all messages in a class to go to a type of output destination, this configuration
overrides the configuration in the specific output destination command. For example, if you specify that
messages at severity level 7 should go to the log buffer, and you also specify that ha class messages at
severity level 3 should go to the buffer, then the latter configuration takes precedence.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
25-12
Syslog message ID number
Syslog message severity level
Syslog message class (equivalent to a functional area of the FWSM)
"Configuring Log Output Destinations" section on page
Message Class Overview, page 25-12
Sending All Messages in a Class to a Specified Output Destination, page 25-12
Issue the logging class command to specify an output location for an entire category of syslog
messages.
Create a message list using the logging list command that specifies the message class. For
instructions, see the
"Filtering Syslog Messages with Custom Message Lists" section on page
Chapter 25
Monitoring the Firewall Services Module
25-4.
25-14.
OL-20748-01
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
