To enable the sending of Syslog messages from a Cisco PIX Firewall…
Visit the Cisco web site at:
www.cisco.com/warp/public/110/pixsyslog.html
Information on the PIX log messages can be found at:
www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63syslog/pixemsgs.htm
www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/syslog/pixemsgs.htm
or: www.cisco.com/cgi-bin/Support/Errordecoder/home.pl
or: www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/index.htm
Notes:
If you choose to send syslog messages from the PIX using the TCP protocol, you may want to also add the following command:
logging permit-hostdown
This will stop the PIX from not forwarding traffic if the syslog server becomes unavailable for some reason. Without this command the PIX will stop forwarding any traffic as soon as the syslog server TCP connection can not be established.
More information on TCP inputs and configuring a PIX for use with Kiwi Syslog.
Information on sending SNMP traps or Syslog messages from your PIX via a secure VPN tunnel can be found at:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094469.shtml