The Logging Category

The Logging Category

The abutting class accessible beneath the System Properties tab is Logging. Good

security practices absorb logging network-related contest for diagnosing problems

and correlating abeyant aegis events. From the Logging category, you can

enable logging, set the logging level, and specify syslog servers.You can also

control PDM logging and logging to added locations such as buffered memory,

console, or Telnet/SSH.

To accredit logging, bang the Logging Setup subcategory and bang the

Enable Logging analysis box. From this screen, you can additionally abolish specific logging

message that could action frequently on your firewall. If you use PDM often

to administer your firewall, it is advisable to log these authoritative accomplishments for

insight into changes fabricated to the firewall. Configure PDM logging from the

PDM Logging subcategory. From this subcategory, you can accept the akin of

logging as able-bodied as the admeasurement of the PDM logging buffer, which will actuate the

maximum admeasurement of the log book retained on the PIX firewall.

Typically, firewall administrators configure a syslog host on the arrangement to

aggregate logging from assorted accessories accouterment aegis and arrangement connectivity.

From PDM, you can specify syslog attributes.To do so, bang the Syslog

subcategory.The Syslog awning appears, as apparent in Figure 9.33.

www.syngress.com

Figure 9.33 Logging: The Syslog Screen

PIX Device Manager • Chapter 9 491

To add a syslog server, bang Add and configure the interface, IP address, and

protocol/port of the syslog server.You can additionally actuate the logging ability as

configured on the syslog server from this awning beneath the Ability pull-down list.

From this screen, you can additionally baddest the akin of logging to be beatific to the syslog

host.The PIX firewall can be configured to accelerate logging advice ranging

from analytical to alter akin to a syslog server. Each logging akin increases the

quantity of abstracts beatific to the syslog host, so be accurate back you set the syslog level.

The final subcategory beneath the Logging class is Others. From this subcategory,

you can actuate whether the PIX firewall logs to added mediums

such as animate or Telnet sessions or to the PIX centralized buffer.