Filtering Syslog Messages With Custom Message Lists - Cisco 7604 Configuration Manual
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Configuring and Managing Syslog Messages
Filtering Syslog Messages with Custom Message Lists
Creating a custom message list is a flexible way to exercise fine control over which syslog messages are
sent to which output destination. In a custom syslog message list, you specify groups of syslog messages
using any or all of the following criteria: severity level, message IDs, ranges of syslog message IDs, or
message class.
For example, you can use message lists to:
•
•
A message list can include multiple criteria for selecting messages. However, you must add each
message selection criterion with a new command entry. You can create a message list containing
overlapping message selection criteria. If two criteria in a message list select the same message, the
message is logged only once.
To create a customized list that the FWSM can use to select messages to be saved in the log buffer,
perform the following steps:
Create a message list containing criteria for selecting messages by entering the following command:
Step 1
hostname(config)# logging list name {level level [class message_class] |
message start_id[-end_id]}
Where the name argument specifies the name of the list. Do not use the names of severity levels as the
name of a syslog message list. Prohibited names include "emergency," "alert," "critical," "error,"
"warning," "notification," "informational," and "debugging." Similarly, do not use the first three
characters of these words at the beginning of a filename. For example, do not use a filename that starts
with the characters "err."
The level level argument specifies the severity level. You can specify the severity level number (0
through 7) or name. For severity level names, see the
example, if you set the severity level to 3, then the FWSM sends syslog messages for severity levels 3,
2, 1, and 0.
The class message_class argument specifies a particular message class. For a list of class names, see
Table 25-1 on page
The message start_id[-end_id] argument specifies an individual syslog message ID number or a range
of numbers.
The following example creates a message list named notif-list that specifies messages with a severity
level of 3 or higher should be saved in the log buffer:
hostname(config)# logging list notif-list level 3
Step 2
(Optional) If you want to add more criteria for message selection to the list, enter the same command as
in the previous step specifying the name of the existing message list and the additional criterion. Enter
a new command for each criterion you want to add to the list.
The following example adds criteria to the message list: a range of message ID numbers, and the message
class ha (high availability or failover).
hostname(config)# logging list notif-list 104024-105999
hostname(config)# logging list notif-list level critical
hostname(config)# logging list notif-list level warning class ha
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
25-14
Select syslog messages with severity levels of 1 and 2 and send them to one or more e-mail
addresses.
Select all syslog messages associated with a message class (such as "ha") and save them to the
internal buffer.
25-13.
Chapter 25
Monitoring the Firewall Services Module
"Severity Levels" section on page
25-20. For
OL-20748-01
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
