1 日誌服務器配置
logging enable
logging host dmz 192.168.1.233
logging emblem
logging timestamp
logging trap toRsysLog
logging list toRsysLog level 4
logging list toRsysLog level 5 class auth
logging list toRsysLog level 5 class session
logging permit-hostdown
logging facility 17
2 linux 日誌服務器配置
1)打開tcp/upd 514端口
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
2)增加允許訪問的IP、域名
$AllowedSender TCP, 127.0.0.1, 192.168.3.0/24,*.sina.com
3)日誌文件
vim/etc/rsyslog.conf
增加如下行:
local1.* /var/asa5520/firewall.log
3 調整asa5520時間
clock set 14:29:20 Sep 25 2013 #時間
clock timezone China 8 #選時區
4 調整linux時區
tzselect
date -s "2013-9-25 14:27:55" #時間設置
clock -w #寫入硬件