All Cisco-Network Study Notes: Disabling Specific Syslog Messages

Disabling Specific Syslog Messages

At times, you’ll appetite to attenuate assertive syslog messages. For example, let’s say that

you are logging all advice while troubleshooting a affiliation and are

constantly sending PING packets.You ability appetite to attenuate any syslog message

referencing ICMP to advice abate the flood of ICMP messages. In another

example, say that addition has launched an advance adjoin your PIX firewall and

although you appetite a few of the messages, too abounding would ample up your disk

space. Cisco provides a actual advantageous certificate with a complete account of all syslog

messages and their ID numbers.You can acquisition it at www.cisco.com/univercd/

cc/td/doc/product/iaabu/pix/pix_62/syslog/pixemsgs.htm.This certificate is not

just for creating a account of disabled messages; it is additionally an accomplished troubleshooting

aid. Along with anniversary syslog bulletin are suggestions for what to do if the message

is an error. For example, actuality is a complete syslog bulletin account and a

recommendation:

%PIX-1-103001: (Primary) No acknowledgment from added firewall (reason cipher =

code).

Account This is a failover message.This bulletin is logged if the

primary assemblage is clumsy to acquaint with the accessory assemblage over the

failover cable. (Primary) can additionally be listed as (Secondary) for the secondary

unit.

Action Verify that the accessory assemblage has the exact aforementioned hardware,

software adaptation level, and agreement as the primary unit.

You can see that the certificate is actual detailed.This certificate covers messages

100001 to 709007.There is one syslog bulletin that you cannot disable:

%PIX-6-199002: PIX startup completed. Beginning operation.

In adjustment to attenuate any added syslog message, use the afterward command:

no logging bulletin

The message_number constant specifies the different numeric bulletin ID of

each syslog message. For example:

www.syngress.com

304 Chapter 6 • Configuring System Management

PIX1(config)# no logging bulletin 303002

In adjustment to see which letters are disabled, use the appearance logging disabled command.

For example:

PIX1# appearance logging disabled

no logging bulletin 303002

In adjustment to bright the disabled bulletin so that it will be logged again, use the

following command:

logging bulletin

The message_number constant specifies the different numeric ID of the disabled

message.To re-enable all disabled messages, use the afterward command:

PIX1(config)# bright logging disabled