62-7
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter62 Configuring Logging Policies
Syslog Logging Setup Policy Page
Version – Define the record format to be used for flow data by choosing the appropriate NetFlow
version number from this drop-down list. You can choose the blank entry to disable this option.
1 – The original record format. No additional parameters are required.
5 – The most widely adopted format; includes Border Gateway Protocol (BGP) autonomous
system (AS) information and flow sequence numbers.
If BGP is configured on your network, you can include either origin or peer AS information in
the NetFlow records. Choose origin-as or peer-as from the AS Type drop-down list. You can
choose the blank entry to disable this option.
Check Enable BGP Nexthop to include BGP next hop information in the flow caches. (Note
that with version 5, this information is visible in the caches, but it is not exported.)
9 – The most-recent, template-based version; not yet fully supported.
If BGP is configured on your network, you can include either origin or peer AS information in
the NetFlow records. Choose origin-as or peer-as from the AS Type drop-down list. You can
choose the blank entry to disable this option.
Check Enable BGP Nexthop to include BGP next hop information in the flow records.
Note AS information collection is resource intensive, especially for origin-as. If you are not interested
in monitoring peering arrangements, disabling AS collection may improve performance.
Step 3 On the Interfaces tab, define the interfaces for which traffic flows are to be reported.
To add an interface, click the Add Row button to open the Add NetFlow Interface Settings dialog
box. This dialog box is described in Adding and Editing NetFlow Interface Settings, page62-15.
To edit an existing interface, select the appropriate entry in the Interfaces table and then click the
Edit Row button to open the Edit NetFlow Interface Settings dialog box (described in Adding and
Editing NetFlow Interface Settings, page 62-15).
To delete an existing interface, select that entry in the Interfaces table and then click the Delete Row
button, and then confirm the deletion.
Note You can disable NetFlow data collection on an interface without deleting it. Refer to Adding and
Editing NetFlow Interface Settings, page 62-15 for more information.
Syslog Logging Setup Policy Page
Use the Syslog Logging Setup page to enable syslog logging and define basic logging parameters on the
selected Cisco IOS router.
For more information, see Defining Syslog Logging Setup Parameters, page 62-1.
Note We strongly recommend that you define an NTP policy on all routers on which logging is enabled in
order to create accurate timestamps for each log message. For more information, see NTP Policy Page,
page 60-98.