Filtering Events

To control the amount of information collected in the log, use the following procedure:

  1. To change logging settings do one of the following:

To change the filter level, do the following:

  1. For each of the logs you want to change, click the down arrow and choose from the following options that the Log Settings dialog box displays:

    Disabled--Inhibits event reporting for the chosen class.

    Low--Provides the least amount of information. This choice includes severity levels 1 through 3 (all faults and warnings). Low is the default for all classes.

    Medium--Includes severity levels 1 through 4; all in Low plus the first level informational events, which provide general information about the connection. Note that a first level informational event is level 4 and appears in the event display as Info/4.

    High--Includes severity levels 1 through 6, thus adding two levels of informational events (Info/5 and
    Info/6). This setting can lower the performance of all applications on your system, so use it only when your network administrator or a support engineer suggests that you do so.

  2. After making your changes, click Apply to save or Cancel to cancel your changes.

Table 5-3 defines the classes (modules) that generate events.

Table 5-3 Classes That Generate Events in the VPN Client  

Class Name

Definition

CERT

Certificate management process (CERT), which handles getting, validating, and renewing certificates from certificate authorities. CERT also displays errors that occur as you use the application.

CLI

Command Line Interface, which lets managers start and end connections, get status information and so on through a command line rather than using the VPN Client graphical user interface.

CM

Connection manager (CM), which drives VPN connections. (CM dials a PPP device, configures IKE for establishing secure connections, and manages connection states.

CVPND

Cisco VPN Daemon (main daemon), which initializes client service and controls messaging process and flow.

GUI

Windows-only component, which handles configuring a profile, initiating a connection, and monitoring it.

FIREWALL

Firewall component, which generates events related to connections through a firewall.

IKE

Internet Key Exchange (IKE) module, which manages secure associations.

IPSEC

IPSec module, which obtains network traffic and applies IPSec rules to it.

PPP

Point-to-Point Protocol.

XAUTH

Extended authorization application, which validates a remote user's credentials.

If you change the log filter levels, the change takes effect immediately for the events shown in both the Log Window and the Log tab, but while this change clears the events display on the Log tab, it does not clear the events in the log file.



Copyright © 1998-2004, Cisco Systems, Inc. All rights reserved.