Filter
Top Products
19-10
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 19 Understanding Logging
About Logging
The syslog message data or payload is the same as the Local Store Message Format, which is described
in Table 19-2.
The remote syslog server targets are identified by the facility code names LOCAL0 to LOCAL7 (LOCAL6
is the default logging location.) Log messages that you assign to the remote syslog server are sent to the
default location for Linux syslog (/var/log/messages), however; you can configure a different location
on the server.
The remote syslog server cannot function as a critical log target. See Critical Log Target, page 19-7 for
more information on critical log targets.
Monitoring and Reports Server Target
You can use the web interface to configure logging category messages so that they are sent to the
Monitoring and Reports server target. Log messages are sent to the Monitoring and Reports server target
in accordance with the syslog protocol standard (see RFC-3164). The syslog protocol is an unsecure
UDP protocol.
Log messages are sent to the Monitoring and Reports server with the syslog message header format
described in Table 19-3, which precedes the local store syslog message format (see Table 19-2).
The Monitoring and Reports server cannot function as a critical log target. See Critical Log Target,
page 19-7 for more information on critical log targets.
Viewing Log Messages
You can use the web interface and the CLI to view locally stored log messages. You cannot view log
messages that are sent to remote syslog servers via the web interface or the CLI.
In the web interface, choose Monitoring and Reports > Launch Monitoring & Report Viewer to open
the Monitoring and Reports Viewer in a secondary window (see Figure 19-1). See Command Line
Interface Reference Guide for Cisco Secure Access Control System 5.3 for more information about
viewing log messages via the CLI.
Figure 19-1 Monitoring and Reports Viewer