Cisco Systems CL-28826-01 Syslog Logging Setup Policy Page

62-7

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter62 Configuring Logging Policies

Syslog Logging Setup Policy Page

•Version – Define the record format to be used for flow data by choosing the appropriate NetFlow

version number from this drop-down list. You can choose the blank entry to disable this option.

–

1 – The original record format. No additional parameters are required.

–

5 – The most widely adopted format; includes Border Gateway Protocol (BGP) autonomous

system (AS) information and flow sequence numbers.

If BGP is configured on your network, you can include either origin or peer AS information in

the NetFlow records. Choose origin-as or peer-as from the AS Type drop-down list. You can

choose the blank entry to disable this option.

Check Enable BGP Nexthop to include BGP next hop information in the flow caches. (Note

that with version 5, this information is visible in the caches, but it is not exported.)

–

9 – The most-recent, template-based version; not yet fully supported.

If BGP is configured on your network, you can include either origin or peer AS information in

the NetFlow records. Choose origin-as or peer-as from the AS Type drop-down list. You can

choose the blank entry to disable this option.

Check Enable BGP Nexthop to include BGP next hop information in the flow records.

Note AS information collection is resource intensive, especially for origin-as. If you are not interested

in monitoring peering arrangements, disabling AS collection may improve performance.

Step 3 On the Interfaces tab, define the interfaces for which traffic flows are to be reported.

•To add an interface, click the Add Row button to open the Add NetFlow Interface Settings dialog

box. This dialog box is described in Adding and Editing NetFlow Interface Settings, page62-15.

•To edit an existing interface, select the appropriate entry in the Interfaces table and then click the

Edit Row button to open the Edit NetFlow Interface Settings dialog box (described in Adding and

Editing NetFlow Interface Settings, page 62-15).

•To delete an existing interface, select that entry in the Interfaces table and then click the Delete Row

button, and then confirm the deletion.

Note You can disable NetFlow data collection on an interface without deleting it. Refer to Adding and

Editing NetFlow Interface Settings, page 62-15 for more information.

Syslog Logging Setup Policy Page

Use the Syslog Logging Setup page to enable syslog logging and define basic logging parameters on the

selected Cisco IOS router.

For more information, see Defining Syslog Logging Setup Parameters, page 62-1.

Note We strongly recommend that you define an NTP policy on all routers on which logging is enabled in

order to create accurate timestamps for each log message. For more information, see NTP Policy Page,

page 60-98.