cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tmasazo
New Contributor

3130 Event-history Firewall Excerpts

Jump to solution

Is there no way to exclude firewall excerpts from the event history? I have tried changing the priority level to warning in hopes of limiting the firewall logs due to it filling the logs up. I only want interface and protocol to be logged. Not sure if this is even possible. it's a AdTran NetVanta 3130.

Thanks

Tags (2)
0 Kudos
1 Solution

Accepted Solutions
Anonymous
Not applicable

Re: 3130 Event-history Firewall Excerpts

Jump to solution

- The commands in bold in my original post are the commands you will need to issue from enable mode to change the threshold settings. By changing these settings, it will change the number of times a particular event occurs before it is logged to the event history. By increasing the threshold (which is 100 default), potentially, the events would be logged less often. This, of course, depends on how often these events are occurring.

Let us know if you have any further questions.

Thanks,

Noor

View solution in original post

0 Kudos
3 Replies
Anonymous
Not applicable

Re: 3130 Event-history Firewall Excerpts

Jump to solution

- Thanks for posting your question to the forum!  Unfortunately, there is now way to exclude certain events from the event history beyond changing the priority level. However, you can increase the firewall attack-log threshold and policy-log threshold so that the events aren't logged as often. This can be changed in the CLI with the following commands from config mode:

ip firewall attack-log threshold <number of attacks to match before logging>

ip firewall policy-log threshold <number of policies to match before logging>

Both of these settings are set to 100 by default.

Please do not hesitate to let us know if you have any further questions.

Thanks,

Noor

tmasazo
New Contributor

Re: 3130 Event-history Firewall Excerpts

Jump to solution

- Can you point me in the direction of reading material that explains more on this? I have the  AOS command line guide but doesn't go into much detail about how to set this and the effects it has on the device. Thanks!

Anonymous
Not applicable

Re: 3130 Event-history Firewall Excerpts

Jump to solution

- The commands in bold in my original post are the commands you will need to issue from enable mode to change the threshold settings. By changing these settings, it will change the number of times a particular event occurs before it is logged to the event history. By increasing the threshold (which is 100 default), potentially, the events would be logged less often. This, of course, depends on how often these events are occurring.

Let us know if you have any further questions.

Thanks,

Noor

0 Kudos