ASA 基本logging的開法, 其他snmp, ftp, mail等不記載.
這樣就能讓buffer, telnet/ssh, asdm能及時收到notifications級(5級)的log
logging enable
logging timestamp
logging buffer-size 40000
logging asdm-buffer-size 512
logging monitor notifications
logging buffered notifications
logging asdm notifications
logging device-id {context-name | hostname | ipaddress if_name | string text}
--------------------------------
for syslog
logging trap level
logging host .............
--------------------------------
下面是另一種例子, 其中有特別指定某兩種message id不log.
logging enable
logging timestamp
logging buffer-size 40000
logging asdm-buffer-size 512
logging console notifications
logging monitor notifications
logging buffered notifications
logging trap notifications
logging asdm notifications
logging device-id hostname
logging host inside 10.1.174.x
no logging message 106023
no logging message 304001
---------------------------------------------
logging class可以把某些規範的class訊息送到buffer
logging enable
logging timestamp
logging list Record-List level informational class auth
logging list Record-List level informational class config
logging buffer-size 80000
logging asdm-buffer-size 512
logging console notifications
logging monitor notifications
logging trap notifications
logging asdm notifications
logging device-id hostname
logging ftp-bufferwrap
logging ftp-server 202.132.13.26 /SJ-PIX-Log ftp01 ****
logging class auth buffered debugging
logging class config buffered debugging
logging class session buffered informational
no logging message 106015
no logging message 106006
no logging message 106001
no logging message 106023
no logging message 305012
no logging message 305011
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 304001
no logging message 302016
no logging message 302021
no logging message 302020
沒有留言:
張貼留言