Educause Security Discussion mailing list archives

Re: Cisco Pix firewall question

From: Kevin Hayes <krhayes () OAKLAND EDU>
Date: Fri, 7 Aug 2009 14:32:31 -0400

Anand,

Level 5 (Notifications) are generated when executing commands in PIX,
ASA and FWSM environments, including modifying access-list
statements.  You can use event ID 111008 if you want to create a
special event filter to look for commands that are executed on the
firewall.

--Kevin

Kevin Hayes
Network Security Analyst

225 Dodge Hall
Oakland University
(248) 370-2546






On Aug 7, 2009, at 1:35 PM, Anand S Malwade wrote:


Is anyone familiar as to what logging level is associated with
changes ( add,modify,delete ) to the Firewall rules within PIX ? We
essentially want to capture a minimum of this level via syslog
redirection.

Thanks,
Anand

Current thread:

Cisco Pix firewall question Anand S Malwade (Aug 07)
- <Possible follow-ups>
- Re: Cisco Pix firewall question Kevin Hayes (Aug 07)
- Re: Cisco Pix firewall question Di Fabio, Andrea (Aug 07)