The Logging Category
The abutting class accessible beneath the System Properties tab is Logging. Good
security practices absorb logging network-related contest for diagnosing problems
and correlating abeyant aegis events. From the Logging category, you can
enable logging, set the logging level, and specify syslog servers.You can also
control PDM logging and logging to added locations such as buffered memory,
console, or Telnet/SSH.
To accredit logging, bang the Logging Setup subcategory and bang the
Enable Logging analysis box. From this screen, you can additionally abolish specific logging
message that could action frequently on your firewall. If you use PDM often
to administer your firewall, it is advisable to log these authoritative accomplishments for
insight into changes fabricated to the firewall. Configure PDM logging from the
PDM Logging subcategory. From this subcategory, you can accept the akin of
logging as able-bodied as the admeasurement of the PDM logging buffer, which will actuate the
maximum admeasurement of the log book retained on the PIX firewall.
Typically, firewall administrators configure a syslog host on the arrangement to
aggregate logging from assorted accessories accouterment aegis and arrangement connectivity.
From PDM, you can specify syslog attributes.To do so, bang the Syslog
subcategory.The Syslog awning appears, as apparent in Figure 9.33.
www.syngress.com
Figure 9.33 Logging: The Syslog Screen
PIX Device Manager • Chapter 9 491
To add a syslog server, bang Add and configure the interface, IP address, and
protocol/port of the syslog server.You can additionally actuate the logging ability as
configured on the syslog server from this awning beneath the Ability pull-down list.
From this screen, you can additionally baddest the akin of logging to be beatific to the syslog
host.The PIX firewall can be configured to accelerate logging advice ranging
from analytical to alter akin to a syslog server. Each logging akin increases the
quantity of abstracts beatific to the syslog host, so be accurate back you set the syslog level.
The final subcategory beneath the Logging class is Others. From this subcategory,
you can actuate whether the PIX firewall logs to added mediums
such as animate or Telnet sessions or to the PIX centralized buffer.