[146722] in North American Network Operators' Group
Re: ASA log viewer
daemon@ATHENA.MIT.EDU (Duane Toler)
Mon Nov 21 11:02:57 2011
In-Reply-To: <CAAAwwbVZbw0ALPFLiSb=LqeMb3vFz-xY53KK_jkm-9gwHbgpgQ@mail.gmail.com>
Date: Mon, 21 Nov 2011 11:01:54 -0500
From: Duane Toler <detoler@gmail.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Nov 20, 2011 at 17:33, Jimmy Hess <mysidia@gmail.com> wrote:
> Yes.
> logging permit-hostdown
>
> However, if you don't need to refuse connections when TCP syslog
> fails, then you don't need 100% of your syslog messages, you should
> use UDP syslog for performance.
>
> TCP just makes sure you will get all syslog messages between time A
> and time B or none of them.
> If there are WAN issues, there are many cases where one would prefer
> SOME syslog messages, with an understanding that the network
> bottleneck means messages are being lost, rather than few/no syslog
> messages to help debug the issue
>
> --
> -JH
>
Except you can't do syslog via TLS with UDP. :-/
--
Duane Toler
detoler@gmail.com
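
The three transport choices discussed in this thread, as an added ASA configuration example that is not part of either poster's message. The interface name `inside`, the collector address 192.0.2.10 (documentation range) and the port numbers are assumptions; pick one `logging host` line per collector.

```text
! Added example; interface name, address and ports are placeholders.
logging enable
logging trap informational
!
! Option 1: UDP syslog. Lossy under congestion, never blocks traffic,
! cannot be wrapped in TLS.
logging host inside 192.0.2.10 udp/514
!
! Option 2: TCP syslog in clear text. By default the ASA denies new
! connections through the firewall while the collector is unreachable.
logging host inside 192.0.2.10 tcp/1470
!
! Option 3: TCP syslog over TLS. The "secure" keyword is only accepted
! with TCP, which is the constraint raised in the reply above.
logging host inside 192.0.2.10 tcp/1470 secure
!
! With option 2 or 3, keep passing traffic when the collector is down.
! Log messages generated during the outage can be lost.
logging permit-hostdown
```

`show logging` displays the configured hosts and whether `permit-hostdown` is in effect, so the fail-open or fail-closed choice can be confirmed before a collector outage tests it.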