|
The
PIX will log via syslog to the syslogd of your FW platform. This is
independent of CP logging. Depending on what facility and severity you are
logging on the PIX (I do debug to local1 for all of my Cisco boxes, check the
running config on the PIX and /etc/syslog.conf on the loghost), you could start
looking at /var/log/syslog to start.
I
believe there is a topic in the phoneboy archives that will force CP to log via
syslog as well as the normal logging facility if merged logs are really that
important to you.
Chris
I have setup
our FW-1 to accept SYSLOG messages from our PIX 506. From the FW-1 Log
Viewer I see messages being sent from the PIX to the FW-1 every 2 minutes, but
I'm not sure how to view the content of these messages being sent.
I was expecting to see the detail activity of the PIX in the FW-1
log viewer. In instead I only see the passing of the SYSLOG message from
the PIX to the FW-1, but not the PIX activity. Am I wrong
in my expectation. If not, do you have any suggestions as to how to
view PIX activity on the FW-1 Log viewer. Any
help would be appreciated.
Thanks
Larry
Wu
|
