CHAP TER
52-1
User Guide for Cisco Security Manager 4.4
OL-28826-01
52
Configuring Logging Policies on Firewall Devices
The Logging feature lets you enable and manage NetFlow “collectors,” and enable system logging, set
up logging parameters, configure event lists (syslog filters), apply the filters to a destination, set up
syslog messages, configure syslog servers, and specify e-mail notification parameters.
After you enable logging and set up the logging parameters using the Logging Setup page, the Event
Lists page lets you configure filters (for a set of syslogs) which can be sent to a logging destination. The
Logging Filters page lets you specify a logging destination for the syslogs to be sent. Finally, the Syslog
and E-Mail pages configure syslog and e-mail setup.
This chapter contains the following topics:
NetFlow Page, page 52-1
E-Mail Setup Page, page 52-3
Event Lists Page, page 52-4
Logging Filters Page, page 52-7
Configuring Logging Setup, page 52-9
Configuring Rate Limit Levels, page 52-12
Configuring Syslog Server Setup, page 52-15
Defining Syslog Servers, page 52-20

NetFlow Page

A device configured for NetFlow data export captures flow-based traffic statistics on the device. This
information is periodically transmitted from the device to a NetFlow collection server, in the form of
User Datagram Protocol (UDP) datagrams.
The NetFlow page lets you enable NetFlow export on the selected device, and define and manage
NetFlow “collectors” to which collected flow information is transmitted.
Navigation Path
(Device view) Select Platform > Logging > NetFlow from the Device Policy selector.
(Policy view) Select PIX/ASA/FWSM Platform > Logging > NetFlow from the Policy Type
selector. Select an existing policy from the Shared Policy selector, or create a new one.