[loganalysis] Cisco ICMP logs

From: Jas Amidzic (jasmin.amidzicat_private)
Date: Sun Aug 12 2001 - 22:00:35 PDT

Next message: Andreas Östling: "[loganalysis] Re: Central syslog server best practices?"

Previous message: Marlys A Nelson: "Re: Central syslog server best practices?"
Next in thread: Glenn Forbes Fleming Larratt: "Re: [loganalysis] Cisco ICMP logs"
Reply: Glenn Forbes Fleming Larratt: "Re: [loganalysis] Cisco ICMP logs"
Reply: Mike Hoskins: "Re: [loganalysis] Cisco ICMP logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I am trying to make some sense of a Cisco Router logs. In particular ICMP logs,
does anyone know how to differentiate between different ICMP packet logs
recorded by the router. I am thinking that  (digit/digit) field has to do
somthing with the ICMP message type but I am not sure.

e.g.

Dec  8 16:07:45 <ciscorouter> 3128095: Dec  8 16:07:44:
%SEC-6-IPACCESSLOGDP:
 list 104 denied icmp xxx.yyy.201.225 -> abc.def.64.77 (3/1), 1 packet

Dec  8 16:07:45 <ciscorouter> 3128095: Dec  8 16:07:44:
%SEC-6-IPACCESSLOGDP:
 list 104 denied icmp xxx.yyy.201.225 -> abc.def.64.77 (11/0), 1 packet


Thanks
     Jas




-----------------------------------------------
ABS Australian Business Number:  26 331 428 522     ABS Web Site:  www.abs.gov.au

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Andreas Östling: "[loganalysis] Re: Central syslog server best practices?"
Previous message: Marlys A Nelson: "Re: Central syslog server best practices?"
Next in thread: Glenn Forbes Fleming Larratt: "Re: [loganalysis] Cisco ICMP logs"
Reply: Glenn Forbes Fleming Larratt: "Re: [loganalysis] Cisco ICMP logs"
Reply: Mike Hoskins: "Re: [loganalysis] Cisco ICMP logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 13 2001 - 14:57:50 PDT