Is there a good book on Cisco syslog / snmp other than the Network Security volume?
Are there documented tips on audit trail / syslog configuration somewhere?
Is there another way to do this without paying for CiscoWorks? Does CiscoWorks graph these syslog results?
Every book I bought for Cisco IOS (7 of them) didn't explain how to watch what traffic is passing through the router at this moment. We get attacked, can't determine who's doing it... its not a great feeling.
Today, I stumbled onto Kiwi's Syslog Service Manager and found that Cisco IOS CBAC - IP inspect - was the engine that makes this happen. Our 2621 with IOS 12.03 / firewall is now piping the audit trail to my syslog and computer display. I can see how this log could run out of hard drive space at some point, but when? Do I turn off audit and only use it when really necessary?
Now I can see the tcp, ftp and udp traffic passing through my router. Now I don't feel powerless with panic. It's taken me since 1995 to find this on my own, so there are drawbacks to not getting formal training.
Thanks in advance for your time!
Are there documented tips on audit trail / syslog configuration somewhere?
Is there another way to do this without paying for CiscoWorks? Does CiscoWorks graph these syslog results?
Every book I bought for Cisco IOS (7 of them) didn't explain how to watch what traffic is passing through the router at this moment. We get attacked, can't determine who's doing it... its not a great feeling.
Today, I stumbled onto Kiwi's Syslog Service Manager and found that Cisco IOS CBAC - IP inspect - was the engine that makes this happen. Our 2621 with IOS 12.03 / firewall is now piping the audit trail to my syslog and computer display. I can see how this log could run out of hard drive space at some point, but when? Do I turn off audit and only use it when really necessary?
Now I can see the tcp, ftp and udp traffic passing through my router. Now I don't feel powerless with panic. It's taken me since 1995 to find this on my own, so there are drawbacks to not getting formal training.
Thanks in advance for your time!