Chapter 3. Command Reference
< alert audit block firewallblock firewallsession sys vpn > seconds
sets the synchronization interval in seconds for the specified file. A value of 0 means all writes to that file are immediately written to the hard disk. A value of
•the user enters a conf t ramdisk
•the device is rebooted or halted
conf t
The configure terminal
Note: Designating a remote syslog server does not automatically send attack and block notifications to that server. You must also select the Remote System Log contact by going to the Filters/Vulnerability filters/Action Sets area in the LSM and either creating or editing an action set. After you apply these changes, active filters that are associated with this action set will send remote messages to the designated server.
CAUTION: Only use remote syslog on a secure, trusted network. Remote syslog, in adherence to RFC 3164, sends clear text log messages using the UDP protocol. It does not offer any additional security protections. You should not use remote syslog unless you can be sure that syslog messages will not be intercepted, altered, or spoofed by a third party.
delete ip port
deletes a remote syslog collector.
update ip port
creates or updates a remote syslog collector. A collector is specified by the required parameters IP address and port, plus a delimiter and facility numbers for alert messages, block messages, and misuse/abuse messages. The facility numbers are all optional.
optional facility setting for alert. The range is
optional facility setting for block. The range is
optional facility setting for misuse and abuse. The range is
setting for the log delimiter. Valid delimiters include tab, comma, semicolon, and bar.
62 X Family CLI Reference V 2.5.1