Just curious.. This is something that started with the newer 6.x code? Is it safe to presume that with tcp versus udp that *all* log entries will make it to syslog versus udp where under loading hundreds of them can get dropped? I realize memory may play a role and rate limiting of course.:)
I don't' know your answer but I *believe* that msyslog will let you listen on different ports (modular syslog that uses MySQL)... Can't remember for sure though... May have to search and find the site to see... Hope this helps.. Paul -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Paul Fontenot Sent: Tuesday, January 28, 2003 5:00 PM To: [EMAIL PROTECTED] Subject: Re: Re: syslogging PIX data The PIX 525 with 6.X code defaults to TCP on port 1468. The PIX will not send to a port below 1025. I know how to setup the PIX and I know how to setup syslog. Will syslog listen on a different port than the default? I don't see anything in the man pages that indicate this is possible. > > From: Stacy Brandenburg <[EMAIL PROTECTED]> > Date: 2003/01/28 Tue PM 04:39:25 EST > To: [EMAIL PROTECTED] > Subject: Re: syslogging PIX data > > I think you lost me, why is the PIX going to send tcp/1468? It > syslogs > out to 514 just like every other device. Are you trying to do someting > other than syslog from it? > > As far as syslogd goes - the man pages explain pretty well how to > invoke > syslogd in different fashions. > > > > > Paul Fontenot wrote: > > The problem is that PIX is going to send tcp/1468 and the linux box > > is looking for udp/514. The PIX won't allow a port outside the range > > of '1025-65535' but it will do udp or tcp. > > > > I guess the questions hould have been is there a way to have syslogd > > listen on a different port > > > > > >>From: Stacy Brandenburg <[EMAIL PROTECTED]> > >>Date: 2003/01/28 Tue PM 03:43:15 EST > >>To: [EMAIL PROTECTED] > >>Subject: Re: syslogging PIX data > >> > >>Sure, > >> > >>PIX config needs to look like this > >> > >>logging on > >>logging trap <log level> > >>logging facility 23 > >>logging host inside <IP of Syslog server> > >> > >>run syslogd as "syslogd -r -m 0" on the server > >> > >>and add this to /etc/syslog.conf: > >> > >>#Cisco logging > >>local7.* <Log file location> > >> > >> > >> > >> > >> > >>Paul Fontenot wrote: > >> > >>>Is there a way to have syslog accept PIX log information? > >>> > >>> > >>> > >>> > >> > >>-- > >>======================================================== > >>= Stacy J. Brandenburg Red Hat Inc. = > >>= Sr. Network Engineer http://www.redhat.com = > >>= 919-754-3700 x44313 [EMAIL PROTECTED] = > >>======================================================== > >> > >> > >> > >>-- > >>redhat-list mailing list > >>unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > >>https://listman.redhat.com/mailman/listinfo/redhat-list > >> > > > > > > > > > > > > > -- > ======================================================== > = Stacy J. Brandenburg Red Hat Inc. = > = Sr. Network Engineer http://www.redhat.com = > = 919-754-3700 x44313 [EMAIL PROTECTED] = > ======================================================== > > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
