cisco asa 5505 & freebsd syslogd
Добавлено: 2013-08-05 9:06:12
Товарищи всем привет!
почему логи пишутся в другой файл вместо моего?звучит бредово, но это так
или посоветуйте путёвый лог сервер ...
почему логи пишутся в другой файл вместо моего?звучит бредово, но это так
или посоветуйте путёвый лог сервер ...
Код: Выделить всё
#
# uname -a
FreeBSD bsd 9.1-RELEASE-p4 FreeBSD 9.1-RELEASE-p4 #0: Mon Jun 17 11:38:17 UTC 2013 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
#
# ssh -l cisco 172.16.36.7
cisco@172.16.36.7's password:
Type help or '?' for a list of available commands.
ASA1>
ASA1>
ASA1> ena
Password:
ASA1# sh runn logg
ASA1# sh runn logging
logging enable
logging timestamp
logging buffered debugging
logging trap debugging
logging asdm debugging
logging host outside bsd
ASA1#
ASA1#
ASA1# q
Logoff
Connection to 172.16.36.7 closed by remote host.
Connection to 172.16.36.7 closed.
# cat /etc/sy
sysctl.conf syslog.conf
# cat /etc/syslog.conf
# $FreeBSD: release/9.1.0/etc/syslog.conf 238473 2012-07-15 10:55:43Z brueffer $
#
# Spaces ARE valid field separators in this file. However,
# other *nix-like systems still insist on using tabs as field
# separators. If you are sharing this file between systems, you
# may want to use only tabs as field separators here.
# Consult the syslog.conf(5) manpage.
#logging for ASA1 5505
+172.16.36.7
*.* /var/log/asa1.log
+*
@*
*.err;kern.warning;auth.notice;mail.crit /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
security.* /var/log/security
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
*.=debug /var/log/debug.log
*.emerg *
# uncomment this to log all writes to /dev/console to /var/log/console.log
# touch /var/log/console.log and chmod it to mode 600 before it will work
#console.info /var/log/console.log
# uncomment this to enable logging of all log messages to /var/log/all.log
# touch /var/log/all.log and chmod it to mode 600 before it will work
#*.* /var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.* @loghost
# uncomment these if you're running inn
# news.crit /var/log/news/news.crit
# news.err /var/log/news/news.err
# news.notice /var/log/news/news.notice
!ppp
*.* /var/log/ppp.log
#tftpd logging
!tftpd
*.* /var/log/tftpd.log
#