ASA access list's logging

Unanswered Question
Sep 23rd, 2008

Hi,

I have ASA firewalls from which I need logs collected from a few ACL rules.

logging enable
logging timestamp
logging console errors
logging buffered notifications
logging trap informational
logging asdm informational
logging facility 22
logging host inside 10.1.23.22
access-list access_out extended permit ip any any log debugging interval 300

I have this logging configuration and the access rule to log all connections. But I don't get any logs from this access list rule or this access list. The only log I get is the Built/Teardown log and some system notifications.

What is missing here? I want to get the "access-list" log for connections hitting this ACL rule.

Thanks..

dominic.caron Wed, 09/24/2008 - 05:04

In your ACL, you set the log level to debugging...

Your ASA is not configured to log any messages of that level. Let's say you want to send the log to the buffer, you would need to configure:

logging buffered debugging

innetsecwork Wed, 09/24/2008 - 06:30

Hi,

Thanks for the reply.

The ACL is set to debug level, and I am looking for logs to come on the syslog server, not just in the buffer.

So I am not sure what else I need to add in it.

Thanks...

suschoud Wed, 09/24/2008 - 11:10

Put in:

logg trap 7

Should work then.

Do rate helpful posts.

Regards,

Sushil

cisco24x7 Wed, 09/24/2008 - 11:35

Why do you need "logging trap 7"? I thought "logging trap 6" will send ACL log to the syslog server.

I have a couple of Pix firewalls that send ACL logs to Linux syslog server with "logging trap 6" in the configuration.
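
An added example, not part of the thread: a short Python check that compares each ACE's "log" level with the thresholds of the logging destinations in a pasted ASA configuration, run here on the configuration from the question. It assumes that an ACE's "log" keyword emits message 106100 at the stated level (informational, 6, when none is given) and that a destination only receives messages whose severity number is at or below its configured level; the names audit and level are chosen for this example.

```python
import re

# Cisco syslog severity keywords; a lower number is more severe.
SEVERITY = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
            "warnings": 4, "notifications": 5, "informational": 6, "debugging": 7}
DEFAULT_ACE_LEVEL = 6  # assumption: 'log' with no level logs 106100 at informational

def level(token):
    """Map a severity keyword or a digit 0-7 to its numeric level, else None."""
    if token and token.isdigit():
        return int(token)
    return SEVERITY.get(token)

def audit(config):
    """Return (thresholds, findings). findings holds one (acl, ace_level, filtered)
    tuple per ACE that has 'log'; filtered lists the destinations that drop it."""
    thresholds, findings = {}, []
    for line in map(str.strip, config.splitlines()):
        dest = re.match(r"logging (console|buffered|trap|asdm) (\S+)$", line)
        ace = re.match(r"access-list (\S+) .* log(?= |$)(?: (\S+))?", line)
        if dest and level(dest.group(2)) is not None:
            thresholds[dest.group(1)] = level(dest.group(2))
        elif ace and ace.group(2) != "disable":
            ace_level = level(ace.group(2))  # None for 'log' or 'log interval N'
            findings.append([ace.group(1),
                             DEFAULT_ACE_LEVEL if ace_level is None else ace_level])
    # A destination passes a message only if its severity number <= the threshold.
    return thresholds, [
        (acl, lvl, sorted(d for d, t in thresholds.items() if t < lvl))
        for acl, lvl in findings]

# The configuration posted in the question, copied from the thread.
POSTED = """\
logging enable
logging timestamp
logging console errors
logging buffered notifications
logging trap informational
logging asdm informational
logging facility 22
logging host inside 10.1.23.22
access-list access_out extended permit ip any any log debugging interval 300
"""

if __name__ == "__main__":
    for acl, lvl, filtered in audit(POSTED)[1]:
        print(f"{acl}: ACE logs at level {lvl}; filtered out by: {filtered or 'none'}")
```

The "trap" threshold is the one that governs what reaches the syslog server named by "logging host"; an ACE left at the default log level is not filtered by "logging trap informational".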
