• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 342
  • Last Modified:

logging pix

Hi,

I have turned on logging to my logging server from my pix 515.

I have tried: logging trap debugging which produces a lot records.

This is what I want to log:

access-list inside line 1 deny tcp any any eq 445 (hitcnt=136255)

I have blocked port 445 on my inside interface and now I would like to find out which inside host the traffic is coming from.

I need to filter the logging to only show "deny tcp any any eq 445" Is this possible?

thanks for any help.
Donnie
0
Donnie4572
Asked:
Donnie4572
1 Solution
 
td_milesCommented:
If you append the keyword "log" to the end of your access-list entry, then it should generate log entries at the info level (6) which means you won't need to send traps for the debug level (7) and get all the rest of the stuff. Alternatively, you can specify an even higher level for the log entries to be created at, cutting down on even more of the unwanted entries.

0
 
Donnie4572Author Commented:
Thanks td_miles!

I did this:
      access-list inside line 1 deny tcp any any eq 445 log 0

It is working great.

Donnie
0

Featured Post

Exciting career futures for women in IT

Education has the power to transform lives and open the door to new career opportunities. By earning an IT degree from WGU, you can become a highly skilled IT professional. Get the credentials and certifications you need to become a leader in this rewarding field.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now