Cisco Systems IPS4520K9 Network Router User Manual


 
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Troubleshooting the Appliance
Logging
TAC may suggest that you turn on debug logging for troubleshooting purposes. Logger controls what
log messages are generated by each application by controlling the logging severity for different logging
zones. By default, debug logging is not turned on. If you enable individual zone control, each zone uses
the level of logging that it is configured for. Otherwise, the same logging level is used for all zones. This
section contains the following topics:
Enabling Debug Logging
Zone Names
Directing cidLog Messages to SysLog
Enabling Debug Logging
Caution
Enabling debug logging seriously affects performance and should only be done when instructed by TAC.
To enable debug logging, follow these steps:
Step 1
Log in to the service account.
Step 2
Edit the log.conf file to increase the size of the log to accommodate the additional log statements.
vi /usr/cids/idsRoot/etc/log.conf
Step 3
Change fileMaxSizeInK=500 to fileMaxSizeInK=5000.
Step 4
Locate the zone and CID section of the file and set the severity to debug.
severity=debug
Step 5
Save the file, exit the vi editor, and exit the service account.
Step 6
Log in to the CLI as administrator.
Step 7
Enter master control submode.
sensor# configure terminal
sensor(config)# service logger
sensor(config-log)# master-control
Step 8
Enable debug logging for all zones.
sensor(config-log-mas)# enable-debug true
sensor(config-log-mas)# show settings
master-control
-----------------------------------------------
enable-debug: true default: false
individual-zone-control: false <defaulted>
-----------------------------------------------
sensor(config-log-mas)#
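
The following is an added example, not part of the Cisco guide: a read-only shell check that reports the fileMaxSizeInK value and every section whose severity is debug, so you can confirm the edits from Steps 3 and 4 and later confirm that debug severity was reverted once TAC troubleshooting ends. The [section] header syntax and the sample section names are assumptions; only fileMaxSizeInK and severity=debug come from the guide.

```shell
#!/bin/sh
# Added example: audit a log.conf-style file without modifying it.
# Assumption: settings are key=value lines grouped under [section] headers.

audit_log_conf() {
    # $1 = file to inspect (reads standard input when omitted)
    awk '
        # Ignore comment lines and blank lines
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        # Remember the current [section] name
        /^[ \t]*\[.*\][ \t]*$/ {
            sub(/^[ \t]*\[/, ""); sub(/\][ \t]*$/, "")
            section = $0
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            # Log file size limit raised in Step 3
            if (key == "fileMaxSizeInK") print "size " val
            # Any section left at debug severity (Step 4)
            if (key == "severity" && tolower(val) == "debug")
                print "debug " (section == "" ? "(global)" : section)
        }
    ' "${1:--}"
}

# Constructed sample input, not a real sensor file; section names are illustrative.
sample_log_conf() {
    cat <<'EOF'
# constructed sample
[logfile]
fileMaxSizeInK=5000

[zone/Cid]
severity=debug

[zone/Other]
severity = warning
EOF
}

sample_log_conf | audit_log_conf
```

On the sensor, the file to pass is /usr/cids/idsRoot/etc/log.conf from Step 2; an output with no "debug" lines means no section is set to debug severity.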