Syslog on the FWSM
Syslog implementation on FWSM is very similar to PIX Firewall with a few exceptions. Syslog is processed by the Control Plane (CP), whereas other processors might generate so many syslog messages that it could overwhelm the Control Plane (CP). So FWSM has an option for rate limiting for the Syslog on the FWSM. You can configure up to 16 Syslog servers to forward the syslog messages. There are eight levels of syslog you can configure:
-
Emergencieslevel 0
-
Alertslevel 1
-
Criticallevel 2
-
Errorslevel 3
-
Warningslevel 4
-
Notificationslevel 5
-
Informationallevel 6
-
Debugginglevel 7
The recommended syslog level is 4. Syslog messages generated in the NPs are processed by the CP before being forwarded to the Syslog servers (if any have been configured). Because the NPs can generate many Syslog messages, these Syslog messages can be rate-limited.