You can integrate Cisco Pix security appliances with JSA.
The Cisco Pix DSM for JSA accepts Cisco Pix events by using syslog. JSA records all relevant Cisco Pix events.
Configuring Cisco Pix to Forward Events
You can configure Cisco Pix to forward events.
- Log in to your Cisco PIX appliance by using a console connection, telnet, or SSH.
- Type the following command to access Privileged mode:
- Type the following command to access Configuration mode:
- Enable logging and time stamp the logs:
- Set the log level:
logging trap warning
- Configure logging to JSA:
logging host <interface> <IP address>
<interface> is the name of the interface, for example, DMZ, LAN, ethernet0, or ethernet1.
<IP address> is the IP address of the JSA host.
The configuration is complete. The log source is added to JSA as Cisco Pix Firewall events are automatically discovered. Events that are forwarded to JSA by Cisco Pix Firewalls are displayed on the Log Activity tab of JSA.
Syslog Log Source Parameters for Cisco Pix
If JSA does not automatically detect the log source, add a Cisco Pix Firewall log source on the JSA Console by using the syslog protocol.
When using the syslog protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect syslog events from Cisco Pix Firewall devices:
Table 1: Syslog Log Source Parameters for the Cisco Pix DSM
Log Source type
Cisco Pix Firewall
Log Source Identifier
Type the IP address or host name for the log source.
The identifier helps you determine which events came from your Cisco Pix Firewall.