First, start the log service
(1) Start log logging on
Note: by de fault, the logging level was set to 3 (error).
The default log level is 3 (error)
(2) Set log level logging Trap Severity_level (1-7)
(3) Check log settings show logging
second, test log output
Test the log information output by following these steps:
(1) Log information is sent to the console port.
Logging Console 7
Quit
This test will generate the following syslog information
111005:nobody End Configuration:ok
This message shows that the configureation mode has been exited. " 111005 "is the information identification number. "Nobody" indicates that you are logged into the PIX via the console port.
(2) Stop conveying log information to console
No logging console 7
Quit
Third, send syslog information to the cache
(1) Save the displayed information
Logging buffered Severity_level (1-7)
(2) View the information on the console port
Show logging
(3) Clear the information in the cache to receive new information
Clear logging
(4) Stop sending log messages to the cache
No logging buffered
New information to the tail of the list.
Iv. Sending log information to a telnet session
(1) Configure a host on the inside of the PIX to allow Telnet to the PIX
A. Enter the following command:
Telnet ip_address [Subnet_mask] [If_name]
For example, if a host have the IP address 192.168.1.2, the command is:
Telnet 192.168.1.2 255.255.255.255
B. Set the idle time for a Telnet session, which defaults to 5 minutes and the recommended value is 15 minutes.
Telnet Timeout 15
(2) Start a Telnet session
(3) configuration mode
Enable
(Enter your password at the prompt)
Configure Terminal
(4) Start Log settings
Logging Monitor Severity_level (1-7)
(5) Send log information to the tetlnet session
Terminal Monitor
This command function sends only log information to the current Telnet session. "Logging Monitor" sets all the Telnet session parameters, and after executing the command, the log information is sent to each individual telnet session.
(6) Use applications such as Ping,web access to trigger syslog messages to be sent to the Telnet session window.
(7) Terminal no monitor
No logging monitor