Logging ACL entry to Syslog server
I have a simple access-list configured on the outside of an ASA
access-list outside_in permit tcp any host x.x.x.x eq 80
access-list outside_in permit tcp any host x.x.x.x eq 443
access-list outside_in deny ip any any
Could someone please post a sample config showing how I can log all entries that hit the deny statement, and send them to a syslog server?
Thanks in advance
Hi,
You just need to add a "log" key word after the ACL and then it would be sent to your syslog server.
access-list outside_in deny ip any any log
Hope that helps,
Thanks,
Varun
Similar Messages
-
Logging of commands on syslog server (Cisco Nexus 7010)
Please help.
How to set up logging of commands on syslog server ? (cisco nexus 7010)Hi Igor
Nexus has internal accounting log: sh accouting log
But it can be sent only to the accounting server, not to a syslog server.
If you want - you man manually export it to some log.
HTH,
Alex -
Can the ACE be configured for logging configuration changes to syslog server ?
Hi,
On all our routers, switches and firewalls we've configured syslog so we get logs when configuration changes occur.
Is this possible on the ACE too ?
regards,
SebastianHi Sebastian,
Yes it is possible but depends upong the logging level you have set. So logging trap 5 should be able to get you the configuration changes or command execution logs.
Nov 1 2013 11:20:33 : %ACE-5-111008: User 'admin' executed the 'logging buffered 6' command.
Nov 1 2013 11:20:48 : %ACE-5-111008: User 'admin' executed the 'no rserver testlog' command.
So you should see these level 5 logs on syslog if logging trap 5 is configured.
Let me know if you have any questions.
Regards,
Kanwal -
Syslog: logging specific traffic only to syslog server
remote site is accessing onsite servers and need to lock them down based on host ip's and ports.
remote site connects to onsite network thru 6509 L3. want to capture remote traffic to syslog server. (only want to capture remote site traffic, no other traffic).
in order to "see" all traffic passing
"ip any any" required to determine what servers / services remote site is accessing for now. will "lock down" acl once all servers / services are identified.
how to direct only the remote site traffic to my syslog server?
acl 130 permit ip 172.16.3.0 range 1 65535 any
thxAssuming your remote site is using IP addresses in the 172.16.3.0 subnet with a 255.255.255.0 subnet mask, and you apply your access-list 130 to inbound traffic on the VLAN interface that services them...
...just add the word "log" at the end of your ACL 130 commands. Also, make sure you have "logging x.x.x.x" in your config, where x.x.x.x is the IP address of your syslog server. It would look like this:
access-list 130 permit tcp 172.16.3.0 0.0.0.255 range 1 65535 any log
access-list 130 permit udp 172.16.3.0 0.0.0.255 range 1 65535 any log
access-list 130 permit icmp 172.16.3.0 0.0.0.255 any log
access-list 130 permit ip 172.16.3.0 0.0.0.255 any log
logging x.x.x.x
interface VLAN 163 (assuming that's your VLAN number)
ip access-group 130 in
Any hits on these lines including port numbers will show up in the syslog. You will probably get a lot of entries at first. You may want to fine-tune the ACL as you identify known services early on, so that access to them is still permitted but you don't necessarily log messages for it. -
How to log successful logins to a syslog server in NX-OS
Does anyone know how to do this in NX-OS? I do it in IOS with the following commands:
login on-failure log
login on-success log
logging x.x.x.x
With that I get a syslog message that I can then log to a file to track who has logged into which device and when. But I can't find the syntax to do the same thing in the Nexus switches that we have. Does anyone know what the equivalent commands are?
Thanks,
BenHi Ben,
By default, failed logins are logged.
You can checked the log using:
show logging logfile | last 15
and for every logging failed (by default) you will get something like this:
2012 Dec 18 14:51:08 Nexus5010-B %AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication
failed for user en from 2.2.2.1 - login
To get the success-login to show up in the logs we need to increase the level of the authpriv to 5 (it is 3 by default), and doing this will add a new log for failed or succesful connections.
Use the following command:
Nexus5010-A(config)# logging level authpriv 5
You can check loggin levels by using:
#show logging level
After you do this with the logging level you will see in the log something like this when a succesful login takes place:
2005 Jan 6 03:29:48 Nexus5010-A %AUTHPRIV-5-SYSTEM_MSG: admin :TTY=unknown
; PWD=/var/sysmgr/vsh ; USER=root ; COMMAND=/usr/bin/strings/proc/18340/environ
- sudo
Now for a failed login and after increasing the authpriv level you will see the following logs:
2005 Jan 6 03:31:36 Nexus5010-A %AUTHPRIV-4-SYSTEM_MSG: pam_unix(aaa:auth):check pass; user unknown - aaad
2005 Jan 6 03:31:36 Nexus5010-A %AUTHPRIV-5-SYSTEM_MSG: pam_unix(aaa:auth):
aut
hentication failure; logname= uid=0 euid=0 tty= ruser= rhost= - aaad
For logging *****
Nexus7018(config)# logging ?
console Set console logging
event Interface events
ip IP configuration
level Facility parameter for syslog messages
logfile Set File logging
message Interface events
module Set module(linecard) logging
monitor Set terminal line(monitor) logging level
origin-id Enable origin information for Remote Syslog Server
server Enable forwarding to Remote Syslog Server
source-interface Enable Source-Interface for Remote Syslog Server
timestamp Set logging timestamp granularity
You can use logging source-interface ....
Thanks-
Afroz
***Ratings Encourages Contributors **** -
How do I turn off |INFO| entries in my server.log files?
Sun Java System Application Server 8.2
How do I turn off |INFO| entries in my server.log files? Is this a setting in the admin console that I am over looking?
Thanks,
--Todd
[#|2006-06-01T09:48:43.776-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.admin|_ThreadID=11;|ADM1041:Sent the event to instance:[ModuleDeployEvent -- undeploy web/transactionbrowser]|#]
[#|2006-06-01T09:48:44.855-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.admin|_ThreadID=11;|ADM1042:Status of dynamic reconfiguration event processing:[success]|#]
[#|2006-06-01T09:48:44.949-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.admin|_ThreadID=12;|ADM1041:Sent the event to instance:[ApplicationDeployEvent -- reference-removed transactionbrowser]|#]
[#|2006-06-01T09:48:45.011-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.admin|_ThreadID=12;|ADM1042:Status of dynamic reconfiguration event processing:[success]|#]
[#|2006-06-01T09:48:45.121-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.deployment|_ThreadID=13;|Total Deployment Time: 16 msec, Total EJB Compiler Module Time: 0 msec, Portion spent EJB Compiling: 0%|#]
[#|2006-06-01T09:48:46.403-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.deployment|_ThreadID=14;|DPL5109: EJBC - START of EJBC for [transactionbrowser]|#]
[#|2006-06-01T09:48:46.403-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.deployment|_ThreadID=14;|Processing beans ...|#]
[#|2006-06-01T09:48:46.418-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.deployment|_ThreadID=14;|DPL5110: EJBC - END of EJBC for [transactionbrowser]|#]
[#|2006-06-01T09:48:46.637-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.deployment|_ThreadID=14;|Total Deployment Time: 813 msec, Total EJB Compiler Module Time: 15 msec, Portion spent EJB Compiling: 1%
Breakdown of EJBC Module Time: Total Time for EJBC: 15 msec, CMP Generation: 0 msec (0%), Java Compilation: 0 msec (0%), RMI Compilation: 0 msec (0%), JAX-RPC Generation: 0 msec (0%),
|#]
[#|2006-06-01T09:48:46.731-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.deployment|_ThreadID=14;|deployed with moduleid = transactionbrowser|#]
[#|2006-06-01T09:48:46.950-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.admin|_ThreadID=13;|ADM1041:Sent the event to instance:[ApplicationDeployEvent -- reference-added transactionbrowser]|#]
[#|2006-06-01T09:48:46.997-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.admin|_ThreadID=13;|ADM1042:Status of dynamic reconfiguration event processing:[success]|#]
[#|2006-06-01T09:48:47.028-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.tools.admin|_ThreadID=15;|ADM1041:Sent the event to instance:[ModuleDeployEvent -- deploy web/transactionbrowser]|#]
[#|2006-06-01T09:48:47.044-0500|INFO|sun-appserver-pe8.2|javax.enterprise.system.container.web|_ThreadID=15;|WEB0100: Loading web module [transactionbrowser] in virtual server [server] at [transactionbrowser]|#]
[#|2006-06-01T09:48:48.733-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ConverterRule]{faces-config/converter} Merge(null,java.math.BigDecimal)|#]
[#|2006-06-01T09:48:48.748-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ConverterRule]{faces-config/converter} Merge(null,java.math.BigInteger)|#]
[#|2006-06-01T09:48:48.889-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlCommandButton)|#]
[#|2006-06-01T09:48:48.889-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlCommandLink)|#]
[#|2006-06-01T09:48:48.905-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlDataTable)|#]
[#|2006-06-01T09:48:48.905-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputHidden)|#]
[#|2006-06-01T09:48:48.905-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputSecret)|#]
[#|2006-06-01T09:48:48.905-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputText)|#]
[#|2006-06-01T09:48:48.905-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputTextHelp)|#]
[#|2006-06-01T09:48:48.905-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputTextarea)|#]
[#|2006-06-01T09:48:48.905-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlGraphicImage)|#]
[#|2006-06-01T09:48:48.920-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlMessage)|#]
[#|2006-06-01T09:48:48.920-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlMessages)|#]
[#|2006-06-01T09:48:48.920-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlOutputLabel)|#]
[#|2006-06-01T09:48:48.920-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlOutputText)|#]
[#|2006-06-01T09:48:48.920-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelGrid)|#]
[#|2006-06-01T09:48:48.920-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelGroup)|#]
[#|2006-06-01T09:48:48.936-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSelectBooleanCheckbox)|#]
[#|2006-06-01T09:48:48.936-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSelectManyCheckbox)|#]
[#|2006-06-01T09:48:48.936-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSelectManyListbox)|#]
[#|2006-06-01T09:48:48.936-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSelectManyMenu)|#]
[#|2006-06-01T09:48:48.936-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSelectOneListbox)|#]
[#|2006-06-01T09:48:48.936-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSelectOneMenu)|#]
[#|2006-06-01T09:48:48.936-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSelectOneRadio)|#]
[#|2006-06-01T09:48:48.952-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.AliasBean)|#]
[#|2006-06-01T09:48:48.952-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.AliasBeansScope)|#]
[#|2006-06-01T09:48:48.952-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.Buffer)|#]
[#|2006-06-01T09:48:48.952-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.Document)|#]
[#|2006-06-01T09:48:48.952-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.DocumentHead)|#]
[#|2006-06-01T09:48:48.952-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.DocumentBody)|#]
[#|2006-06-01T09:48:48.967-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.Div)|#]
[#|2006-06-01T09:48:48.967-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlCheckbox)|#]
[#|2006-06-01T09:48:48.967-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlColumn)|#]
[#|2006-06-01T09:48:48.967-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlColumns)|#]
[#|2006-06-01T09:48:48.967-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlCommandNavigation)|#]
[#|2006-06-01T09:48:48.967-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlCommandNavigationItem)|#]
[#|2006-06-01T09:48:48.967-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlCommandSortHeader)|#]
[#|2006-06-01T09:48:48.983-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlHeaderLink)|#]
[#|2006-06-01T09:48:48.983-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputCalendar)|#]
[#|2006-06-01T09:48:48.999-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputDate)|#]
[#|2006-06-01T09:48:48.999-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlInputFileUpload)|#]
[#|2006-06-01T09:48:48.999-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlDataList)|#]
[#|2006-06-01T09:48:48.999-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlDataScroller)|#]
[#|2006-06-01T09:48:48.999-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlJsValueSet)|#]
[#|2006-06-01T09:48:49.014-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlNewspaperTable)|#]
[#|2006-06-01T09:48:49.014-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlCollapsiblePanel)|#]
[#|2006-06-01T09:48:49.014-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelLayout)|#]
[#|2006-06-01T09:48:49.030-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelNavigation)|#]
[#|2006-06-01T09:48:49.030-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelNavigationMenu)|#]
[#|2006-06-01T09:48:49.030-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelStack)|#]
[#|2006-06-01T09:48:49.030-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelTab)|#]
[#|2006-06-01T09:48:49.030-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPanelTabbedPane)|#]
[#|2006-06-01T09:48:49.030-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlPopup)|#]
[#|2006-06-01T09:48:49.045-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlRadio)|#]
[#|2006-06-01T09:48:49.045-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlSwapImage)|#]
[#|2006-06-01T09:48:49.045-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlTag)|#]
[#|2006-06-01T09:48:49.045-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlTree)|#]
[#|2006-06-01T09:48:49.045-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlTree2)|#]
[#|2006-06-01T09:48:49.045-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlTreeCheckbox)|#]
[#|2006-06-01T09:48:49.045-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlTreeColumn)|#]
[#|2006-06-01T09:48:49.061-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlTreeImageCommandLink)|#]
[#|2006-06-01T09:48:49.061-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.HtmlTreeNode)|#]
[#|2006-06-01T09:48:49.061-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.InputHtml)|#]
[#|2006-06-01T09:48:49.061-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.JSCookMenu)|#]
[#|2006-06-01T09:48:49.061-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.JsValueChangeListener)|#]
[#|2006-06-01T09:48:49.061-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.NavigationMenuItem)|#]
[#|2006-06-01T09:48:49.077-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.SaveState)|#]
[#|2006-06-01T09:48:49.077-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.SelectOneCountry)|#]
[#|2006-06-01T09:48:49.077-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.SelectOneLanguage)|#]
[#|2006-06-01T09:48:49.077-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ComponentRule]{faces-config/component} Merge(org.apache.myfaces.Stylesheet)|#]
[#|2006-06-01T09:48:49.077-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ConverterRule]{faces-config/converter} Merge(null,java.math.BigDecimal)|#]
[#|2006-06-01T09:48:49.077-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ConverterRule]{faces-config/converter} Merge(null,java.math.BigInteger)|#]
[#|2006-06-01T09:48:49.092-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ConverterRule]{faces-config/converter} Merge(null,java.util.Date)|#]
[#|2006-06-01T09:48:49.092-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ConverterRule]{faces-config/converter} Merge(null,[Ljava.lang.String;)|#]
[#|2006-06-01T09:48:49.092-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ConverterRule]{faces-config/converter} Merge(null,org.apache.myfaces.custom.fileupload.UploadedFile)|#]
[#|2006-06-01T09:48:49.233-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ValidatorRule]{faces-config/validator} Merge(org.apache.myfaces.validator.CreditCard)|#]
[#|2006-06-01T09:48:49.233-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ValidatorRule]{faces-config/validator} Merge(org.apache.myfaces.validator.Email)|#]
[#|2006-06-01T09:48:49.233-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ValidatorRule]{faces-config/validator} Merge(org.apache.myfaces.validator.Equal)|#]
[#|2006-06-01T09:48:49.233-0500|WARNING|sun-appserver-pe8.2|org.apache.commons.digester.Digester|_ThreadID=15;|[ValidatorRule]{faces-config/validator} Merge(org.apache.myfaces.validator.RegExpr)|#]
[#|2006-06-01T09:48:49.515-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.config.FacesConfigurator|_ThreadID=15;|Reading standard config org/apache/myfaces/resource/standard-faces-config.xml|#]
[#|2006-06-01T09:48:49.702-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.config.FacesConfigurator|_ThreadID=15;|Reading config jar:file:/C:/AppServer/domains/domain1/lib/tomahawk-1.1.2.jar!/META-INF/faces-config.xml|#]
[#|2006-06-01T09:48:49.968-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.config.FacesConfigurator|_ThreadID=15;|Reading config jar:file:/C:/javaworkspace/petroadmin/transactionbrowser/build/web/WEB-INF/lib/tomahawk-1.1.2.jar!/META-INF/faces-config.xml|#]
[#|2006-06-01T09:48:50.343-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.config.FacesConfigurator|_ThreadID=15;|Reading config /WEB-INF/faces-config.xml|#]
[#|2006-06-01T09:48:50.359-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Command rendererType = javax.faces.Button renderer class = org.apache.myfaces.renderkit.html.jsf.DummyFormHtmlButtonRenderer|#]
[#|2006-06-01T09:48:50.359-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Command rendererType = javax.faces.Link renderer class = org.apache.myfaces.renderkit.html.jsf.DummyFormHtmlLinkRenderer|#]
[#|2006-06-01T09:48:50.359-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Command rendererType = javax.faces.Button renderer class = org.apache.myfaces.renderkit.html.jsf.DummyFormHtmlButtonRenderer|#]
[#|2006-06-01T09:48:50.359-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Command rendererType = javax.faces.Link renderer class = org.apache.myfaces.renderkit.html.jsf.DummyFormHtmlLinkRenderer|#]
[#|2006-06-01T09:48:50.359-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Command rendererType = org.apache.myfaces.Button renderer class = org.apache.myfaces.renderkit.html.ext.HtmlButtonRenderer|#]
[#|2006-06-01T09:48:50.359-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Command rendererType = org.apache.myfaces.Link renderer class = org.apache.myfaces.renderkit.html.ext.HtmlLinkRenderer|#]
[#|2006-06-01T09:48:50.359-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Data rendererType = org.apache.myfaces.Table renderer class = org.apache.myfaces.renderkit.html.ext.HtmlTableRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Panel rendererType = org.apache.myfaces.Grid renderer class = org.apache.myfaces.renderkit.html.ext.HtmlGridRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Panel rendererType = org.apache.myfaces.Group renderer class = org.apache.myfaces.renderkit.html.ext.HtmlGroupRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.Secret renderer class = org.apache.myfaces.renderkit.html.ext.HtmlSecretRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Graphic rendererType = org.apache.myfaces.Image renderer class = org.apache.myfaces.renderkit.html.ext.HtmlImageRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.Text renderer class = org.apache.myfaces.renderkit.html.ext.HtmlTextRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.TextHelp renderer class = org.apache.myfaces.custom.inputTextHelp.HtmlTextHelpRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.Textarea renderer class = org.apache.myfaces.renderkit.html.ext.HtmlTextareaRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Message rendererType = org.apache.myfaces.Message renderer class = org.apache.myfaces.renderkit.html.ext.HtmlMessageRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Messages rendererType = org.apache.myfaces.Messages renderer class = org.apache.myfaces.renderkit.html.ext.HtmlMessagesRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Output rendererType = org.apache.myfaces.Text renderer class = org.apache.myfaces.renderkit.html.ext.HtmlTextRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.SelectBoolean rendererType = org.apache.myfaces.Checkbox renderer class = org.apache.myfaces.renderkit.html.ext.HtmlCheckboxRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.SelectMany rendererType = org.apache.myfaces.Checkbox renderer class = org.apache.myfaces.renderkit.html.ext.HtmlCheckboxRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.SelectOne rendererType = org.apache.myfaces.Menu renderer class = org.apache.myfaces.renderkit.html.ext.HtmlMenuRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.SelectMany rendererType = org.apache.myfaces.Menu renderer class = org.apache.myfaces.renderkit.html.ext.HtmlMenuRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.SelectOne rendererType = org.apache.myfaces.Listbox renderer class = org.apache.myfaces.renderkit.html.ext.HtmlListboxRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.SelectMany rendererType = org.apache.myfaces.Listbox renderer class = org.apache.myfaces.renderkit.html.ext.HtmlListboxRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.SelectOne rendererType = org.apache.myfaces.Radio renderer class = org.apache.myfaces.renderkit.html.ext.HtmlRadioRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Data rendererType = org.apache.myfaces.AliasBean renderer class = org.apache.myfaces.custom.aliasbean.AliasBeanRenderer|#]
[#|2006-06-01T09:48:50.375-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Data rendererType = org.apache.myfaces.AliasBeansScope renderer class = org.apache.myfaces.custom.aliasbean.AliasBeansScopeRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Data rendererType = org.apache.myfaces.Buffer renderer class = org.apache.myfaces.custom.buffer.BufferRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Data rendererType = org.apache.myfaces.Document renderer class = org.apache.myfaces.custom.document.DocumentRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Data rendererType = org.apache.myfaces.DocumentHead renderer class = org.apache.myfaces.custom.document.DocumentHeadRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Data rendererType = org.apache.myfaces.DocumentBody renderer class = org.apache.myfaces.custom.document.DocumentBodyRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = org.apache.myfaces.Checkbox rendererType = org.apache.myfaces.Checkbox renderer class = org.apache.myfaces.renderkit.html.ext.HtmlCheckboxRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Panel rendererType = org.apache.myfaces.DataScroller renderer class = org.apache.myfaces.custom.datascroller.HtmlDataScrollerRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.Calendar renderer class = org.apache.myfaces.custom.calendar.HtmlCalendarRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.Date renderer class = org.apache.myfaces.custom.date.HtmlDateRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.FileUpload renderer class = org.apache.myfaces.custom.fileupload.HtmlFileUploadRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myfaces.renderkit.html.HtmlRenderKitImpl|_ThreadID=15;|Overwriting renderer with family = javax.faces.Input rendererType = org.apache.myfaces.InputHtml renderer class = org.apache.myfaces.custom.inputHtml.InputHtmlRenderer|#]
[#|2006-06-01T09:48:50.390-0500|INFO|sun-appserver-pe8.2|org.apache.myf &This path is not available for
Sun Java System Application Server Platform Edition
9.0 (build b48)
There is no server-config under Configurations. Do
you know how to do this for this version of the app
server?Right.
There is only one "config" available for Platform Edition. So, can
you try:
- Click on Application Server in the left panel.
- Right hand side, third tab is "Logging". Click there.
- Second tab below is Log Levels. You can see various component
(module) log levels there. The default is "INFO" for all.
I tested this on 9.0 PE - b48.
Hope this helps.
Kedar -
Logging of FWSM context logs to two diffrent zone SYSLOG SERVER
Hello Sat Shri Akal,
Can any one help me about logging of FWSM context logs to two diffrent zone SYSLOG SERVER and SYSLOG Collector
in CSM 3.2.2. I am able to have logs from Admin context but not from my other context of FWSM. Otherwise that context is sending syslogs to ONE syslog server in similsr vlan,but why that perticular context is not able to log ay syslog collector of CSM which is having logs from admin context. Please help me in this case.
regardsPradeep,
All contexts should be able to reach the CSM server's IP address just like the admin context.
The individual contexts should be configured to send logs to the CSM server's IP address.
From CSM go under each context and add management IP address for the particular context.
Once the above is done you will see logs from all the contexts under CSM.
-Kureli -
How to configure IPS 4240 - K9 to send log file to syslog server
I am looking for the commands in how to configure IPS 4240-k9 to send log file to SYSLOG server. If anybody has or came across similer issue please advice.
Thanks in advanced.Ali -
I am sorry to tell you, but the Cisco IPS Sensors do not send Syslog messages. Your only options for sending signature event information are:
SDEE (an TLS Encrypted XML formatted message) the sensor is the SDEE Host and your event receiver (MARS, IME, Intelitactics, etc) is the client.
SNMP Traps - You need to set the "Action" on each signature you want the sensor to send a trap.
- Bob -
SCOM 2012 collect Windows Audit logs and forward them to a Linux Syslog server
Hello:
1. We have a SCOM 2012 server.
2. We have SNARE agents for PCI systems, but now we want to save money by gathering all events for all Windows servers using its native features.
3. We also have a centralized Linux server running SYSLOG which aggregates the logs to our Dell LogVault retention appliance (for PCI purposes)
Thus, my question:
In effort to remove the SNARE agents from the windows servers, can we implement Audit Collections Services (ACS) in the windows environment so that they collect/forward audit/event logs to the SCOM 2012 server and then SCOM forwards the events to the centralized
syslog Linux server? In which case they are aggregated to the Dell appliance.
We prefer to use the Linux syslog as the centralized log server but would like to know how to go about implementing the solution above.
Many thanks,
Robert Perez-CoronaHi,
Here is a thread about how to make SCOM 2012 work as a syslog server, hope this can be helpful for you:
https://social.technet.microsoft.com/Forums/en-US/524ea527-c069-40f9-96ef-026a4aa06fe9/make-scom-2012-a-syslog-server?forum=operationsmanagergeneral
Regards,
Yan Li
Regards, Yan Li -
ASA - log successful and failed logons to syslog server?
Hello,
How can I log successful and failed SSH and ADSM logons to our syslog server?
ThanksHi,
I haven't really touched the default logging configurations much but some firewalls that I manage have "logging trap informational" which sends messages of users connecting to the firewall.
The messages shows which username was used and if it was rejected or accepted. These messages all seem to be of the "informational" / "level 6" syslog messages.
The syslog IDs for them are:
ASA-6-113008
ASA-6-113012
ASA-6-113015
Though these messages only show information about the AAA not which type of connection was used (I tried both SSH and ASDM to see)
I'm sure there are more messages that will show additional information about the connection and also what the logged user did on the firewall during the management connection.
- Jouni -
Cisco RV082 - How can I create SysLog server
I tried some online free Syslog server tools but fail to get router's statistics anybody can help me to create a Syslog server on my Windows 7 machine.
Hi Qamar,
Log in to the web configuration utility and choose Log > System Log. Then check the Enable Syslog check box to enable the syslog service on the device. Enter the domain name or the IP address of the syslog sever in the Syslog sever field.
To enable the router to send email alerts when events are logged, check Enable Email Alert.
This enables the router to send email alerts to the user specified email address. Enter the the IPv4 or IPv6 address of the SMTP server of your ISP in the Mail Server field. Enter the email address where you want to send the alerts in the Send Email to field. Enter the number of log entries to include in the email in the Log Queue Length field. The default is 50. Enter the number of minutes to collect data before sending the log in the Log Time Threshold field. The log time threshold is the maximum wait time before an email log message is sent. When the log time threshold expires an email is sent whether the email log buffer is full or not. The default is 10 minutes
Click Email Log Now to instantly send a message to the specified email address to test the settings.
You can configure the necessary Log Settings also .
Thank You. -
When is acl entry created on router?? troubleshooting
Hello,
I need to know what exactly constitutes a hit on an access-list. I was doing some troubleshooting and I
did not get the expected results. I thought the first packet to match would be equal but it looks like it
may require a 3-way handshake.
I have an extended access-list in place on a 2811 router for troubleshooting/logging. I was troubleshooting inbound traffic so I stripped
away the cbac and existing ACLs from the interface. I then began doing a telnet test such as "telnet
192.168.2.80 80" from windows machine and then I would review the log to verify it got hit by the ACL. This
test worked. I then set up a dummy NAT entry with port 27. I do not have a service running on port 27 (of
course) but i wanted to see if the initial SYN packet would cause it log a hit. It never did. So does the
ACL entry create require a 3-way handshake.?
My original goal was to determine why smtp (port 25) traffic isn't hitting my mail server. I never see any
hits. Thank you.
interface FastEthernet0/1
ip address dhcp client-id FastEthernet0/1
ip access-group 124 in
no ip redirects
no ip unreachabes
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
ip nat inside source static tcp 192.168.2.41 25 interface FastEthernet0/1 25
ip nat inside source static tcp 192.168.2.34 1723 interface FastEthernet0/1 1723
ip nat inside source static tcp 192.168.2.34 3389 interface FastEthernet0/1 3389
ip nat inside source static tcp 192.168.2.34 80 interface FastEthernet0/1 80
ip nat inside source static tcp 192.168.2.34 25 interface FastEthernet0/1 25
ip nat inside source static tcp 192.168.2.34 27 interface FastEthernet0/1 27
ip nat inside source route-map test_pmap interface FastEthernet0/1 overload
ROUTER01#sh log | inc 24.201.81.44
037251: Mar 18 20:05:08.467 PCTime: %SEC-6-IPACCESSLOGP: list 124 permitted tcp 24.201.81.44(17743) ->
134.134.134.134(1723), 1 packet
037358: Mar 18 20:08:32.052 PCTime: %SEC-6-IPACCESSLOGP: list 124 permitted tcp 24.201.81.44(17850) ->
134.134.134.134(80), 1 packet
ROUTER01#
access-list 124 permit udp any gt 0 any gt 0 log
access-list 124 permit tcp any gt 0 any gt 0 logYou're welcome.
Going back to your original post:
5) Tried running Itunes in 'safe mode', running itunes as an administrator..nothing.
Was that iTunes' safe mode as opposed to Windows' safe mode? iTunes safe mode is invoked by holding down CTRL+SHIFT immediately after clicking the icon to launch iTunes and continuing to hold until this message pops up:
Click continue, then close iTunes and reopen. With luck iTunes now opens normally every time.
tt2 -
Capturing port description information to syslog serve
Hello All,
I want to know if there is a way to capture (logging level?) port-description information on Cisco devices (i.e. 4510, 2960, etc.) as it sends traps to a syslog server.
For example, the IP of of my 4510 is 10.1.150.5, I have global snmp (RO) configured. If port gi5/3 goes down (err-disabled)...the trap is sent to an external syslog server (i.e. Syslogd). The entry on the syslog shows the source IP (10.1.150.5) and interface (gi5/3). But I would like to also see the port-description of gi5/3.
Thoughts? Many thanks in advance.
- K. LeeIf your platforms have EEM on them, the attached EEM policy may work for you.
HTH,
Dan -
Setting up a network syslog server
I am trying to move my syslog server (which captures my router logs) from a Slackware Linux box to my OS X machine. I have had good luck except for one small detail. Every time *periodic daily* runs syslogd stops accepting the UDP syslog packets that the router is sending.
I have updated com.apple.syslogd.plist to be:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.syslogd</string>
<key>ServiceDescription</key>
<string>Apple System Log Daemon</string>
<key>OnDemand</key>
<false/>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/syslogd</string>
<string>-u</string>
</array>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>
The only thing I changed was to add "<string>-u</string>" to turn on the UDP listener. And it works, too. Except that at 03:14 every morning periodic does a +kill -HUP+ to the daemon and, for some unknown reason, this turns off the UDP listener.
If I do a full kill to syslogd, which results in a new task completely, it starts with the listener running.
If I do a +ps -A|grep syslogd+ I do see the "-u" in the command even if the listener isn't listening.
I think it might be a bug in the -HUP handler in the syslogd code but I don't know the right place to post the question other than here.
For the forum: is anyone else running syslogd and collecting network log traffic? If you are then do you experience the same problem? I know I can work around the problem by putting in a local daily kill and I probably will but I shouldn't have to should I?
Any thoughts would be appreciated.
Bill WNo, but the servers have been hiccuping lately. When that occurs, I usually quit the browser, relaunch it, empty/delete the cache, and log back in. That seems to clear things up.
-
QoS: Multiple acl entries cannot be used in match-any in class Match_XY
Hello All,
I'm getting below error while trying to add the two extended ACL in the class-map for classifying the traffic. Is there any way I can add two extenteded ACL in the same class-map for classifying the traffic.
Error log: "QoS: Multiple acl entries cannot be used in match-any in class Tag_AF13"
device details: cisco WS-C6506-E with Supervisor Engine 2T
IOS version -s2t54-adventerprisek9-mz.SPA.150-1.SY1.bin
R1(config)#class-map match-any Tag_AF13
#match access-group name XX
#match access-group name XY
QoS: Multiple acl entries cannot be used in match-any in class Tag_AF13
Regards,
ThiyaguHi Rajan,
Thats because of the logic used for ACl operations, as per your config you are class-map match-any. The match any argument says that the class map must match either of the two arguments supplied.So lets take a look at how the sequence of operations of how this will be interpreted by your class map.
1> Any particular packet will be first matched against the first ACL "XX".
2> Suppose there are 10 entries there if it matches any of those entries the appropriate action will be talen.
3> If none of those entried match the packet there will be an implicit deny at the end of the ACL( default behaviour of ACL's)
4> In that case the packet will match the implicit deny and will get dropped.
5> The packet will under no circumstances go to the next ACL "XY"
Thats the reason multiple ACL's aren't allowed by the IOS.
You can try to collate both ACL's and put them in just one ACL that should work well. If you need help please pots both the ACL's.
Please do let me know if you have any further questions
HTH
Regards
Umesh
Maybe you are looking for
-
Purchase orders and sales documents
hi what r the transaction codes for purchase orders and sales documents.
-
IOS 7.0.3 upgrade killed Facetime, iMessage and Push Notifications
Facetime, iMessage and Push Notifications were working fine on my iPhone 4. Since I upgraded to iOS 7.0.3 Facetime and iMessages cannot be activated because of 'Network error' and every app that supports 'Push Notifications' suggest to 'Connect to iT
-
How can I have a shortcut key that is not a JMenuItem
Hi, I'm trying to make "ctrl-f" a shortcut key in my program. I know I can do this as a JMenuItem by: menuItem.setAccelerator(KeyStroke.getKeyStroke(KeyEvent.VK_F, KeyEvent.CTRL_MASK)); However, I would rather not have it in the menu. How would I do
-
When i try to use photo creation, message says photoproduct.exe can't be found.
when i try to use photo creation, message says photoproduct.exe can't be found. how can I resolve this issue?
-
Hi, We have a query which selects data from nearly million records( one year). It was filtered by calday. But this query seems to be not working. initially got an error with Time_OUT (after 10 minutes). Then i increased the rdisp/wp_max_runtime param