API tools faq
paste
Advertisement
m4ly

ASA Rsyslog

m4ly
Jun 5th, 2015
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.14 KB | None | 0 0
raw download clone embed print report
  1.  
  2. cat /etc/rsyslog.conf
  3. # rsyslog v5 configuration file
  4. $ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
  5. $ModLoad imklog   # provides kernel logging support (previously done by rklogd)
  6.  
  7. # Provides UDP syslog reception
  8. $ModLoad imudp
  9. $UDPServerRun 514
  10.  
  11. # $template MyASAFormat,"timereported:%timereported% fromhost:%FROMHOST% hostname:%HOSTNAME% tag:%syslogtag%(%pri% ) message:%msg:::drop-last-lf%\n"
  12.  
  13. $template MyASAFormat,"%timereported%%msg:::drop-last-lf%\n"
  14. $template MyASAVPNRegex,"%msg:R,ERE,0,DFLT:\%ASA-[0-9]-(316|320|402|404|501|602|702|713|714|715)[0-9]{3}:.*--end%\n"
  15. $template MyASAGeneralLog,"/var/log/cisco/%HOSTNAME%/asa-general.log"
  16. $template MyASAVPNLog,"/var/log/cisco/%HOSTNAME%/asa-vpn.log"
  17.  
  18. [...]
  19. # Dawid Mocek. 25-05-2015
  20. # Cisco ASA
  21. # local0.*                                              /var/log/cisco.log;asaFormat
  22. # local0.*                                              /var/log/cisco.log
  23.  
  24. local0.*                                                ?MyASAGeneralLog;MyASAFormat
  25. :msg, ereregex,"\%ASA-[0-9]-(316|320|402|404|501|602|702|713|714|715)[0-9]{3}:" -?MyASAVPNLog;MyASAFormat
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!