PIX not logging IDS to syslog


I recently set up IDS on my PIX 525, and it appears to be doing what it's able to do... however, the only way I'm able to see any IDS logs is by doing a "show syslog". I have a syslog server setup using kiwi, and I'm able to pick up logs in there, but nothing for IDS. Is there some setting I might be missing thats causing it not to log IDS while it logs other things? Thanks in advance!

Reply to
Jon Doe
Loading thread data ...

logging trap debug

That should do the trick!

Wil my 3¢

Reply to

And do the trick it did! Thanks very much!

Right now though, it's trapping so much info, I'm wondering if I might need to shut it off soon. I assume logging debug isn't typically done on a continuous basis but more for troubleshooting?

Reply to
Jon Doe

Jon wrote on Wed, 21 Dec 2005 00:08:23 -0600:

On my 5.3 PIX 515 all IDS messages are sent at Warning level. I have a filter in Kiwi dumping these to a separate file to make it easier to trawl through them. Have you created "alarm" actions as well as drop/reset actions for your IDS audits?


Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.