Bug #209: cisco-asa rules dont work when changing syslog logging levels - Prelude-LML - UNITY 360

Bug #209

cisco-asa rules dont work when changing syslog logging levels

Added by about 16 years ago. Updated about 14 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Yoann VANDOORSELAERE

Target version:

0.9.9

Start date:

Due date:

% Done:

Resolution:

fixed

Description

all cisco pix/asa syslog messages begin with a prefix like this:

%PIX-<logging_level>-<message_number>

it is possible to change the logging level of alerts so that, for example, a message that is normally informational (level 6) will be displayed at the warning level (level 4). this changes the logging_level part of the message prefix. unfortunately, this causes the current cisco rules to stop working, because they depend on the default logging_level. the rules should not care about the logging_level, as it is user-configurable on the pix itself (this is probably true for cisco routers and switches as well).

History

#1 Updated by about 16 years ago

Fixed in 8971

#2 Updated by about 16 years ago

Status changed from New to Closed
Resolution set to fixed

Closed

#3 Updated by Yoann VANDOORSELAERE about 14 years ago

Project changed from PRELUDE SIEM to Prelude-LML
Category deleted (4)
Target version deleted (~~0.9.9~~)

Also available in: Atom PDF

Project

General

Profile