
ASA access list's logging

innetsecwork
Level 1

Hi,

I have ASA firewalls from which I need logs collected from a few ACL rules.

    logging enable
    logging timestamp
    logging console errors
    logging buffered notifications
    logging trap informational
    logging asdm informational
    logging facility 22
    logging host inside 10.1.23.22
    access-list access_out extended permit ip any any log debugging interval 300

I have this logging configuration and an access rule to log all connections. But I don't get any logs from this access list rule or this access list. The only logs I get are Built/Teardown logs and some system notifications.

What is missing here, I want to get "access-list" log for connections hitting this ACL rule.

Thanks..

4 Replies

dominic.caron
Level 5

In your ACL, you set the log level to debugging...

Your ASA is not configured to log any message of that level. Let's say you want to send the log to the buffer, you would need to configure:

logging buffered debugging

Hi,

Thanks for the reply.

The ACL is set to debug level, and I am looking for logs to come on the syslog server, not just in the buffer.

So I am not sure what else I need to add in it.

Thanks...

Put in:

logg trap 7

Should work then.

Do rate helpful posts.

Regards,

Sushil

Why do you need "logging trap 7"? I thought "logging trap 6" will send ACL logs to the syslog server.

I have a couple of PIX firewalls that send ACL logs to a Linux syslog server with "logging trap 6" in the configuration.
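
The level mismatch discussed in this thread, as an added example that is not part of any poster's reply: a Python check that reads running-config style lines and reports which logging destinations receive the syslog message (106100) generated by an ACE carrying the "log" option. It assumes commands are written out in full, as "show running-config" prints them; the function names and the sample text are constructed for illustration.

```python
# ASA severity keywords and numeric levels (0 = most severe, 7 = debugging).
SEVERITY = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
            "warnings": 4, "notifications": 5, "informational": 6, "debugging": 7}
# Destinations with a severity threshold; 'trap' governs 'logging host' servers.
DESTINATIONS = ("console", "monitor", "buffered", "trap", "asdm")
DEFAULT_ACE_LEVEL = 6  # a bare 'log' keyword logs 106100 at informational

def to_level(token):
    """Map a keyword or digit to a numeric level, or None if it is neither."""
    if token.isdigit() and 0 <= int(token) <= 7:
        return int(token)
    return SEVERITY.get(token)

def audit_acl_logging(config):
    """For each ACE with 'log', list destinations that receive or drop it."""
    lines = [l.split() for l in config.splitlines() if l.split()]
    thresholds = {}
    for t in lines:  # pass 1: per-destination severity thresholds
        if len(t) == 3 and t[0] == "logging" and t[1] in DESTINATIONS:
            level = to_level(t[2])
            if level is not None:
                thresholds[t[1]] = level
    findings = []
    for t in lines:  # pass 2: ACEs that carry the 'log' option
        if t[0] != "access-list" or "log" not in t[2:]:
            continue
        nxt = t[t.index("log", 2) + 1:][:1]  # token after 'log', if any
        if nxt == ["disable"]:
            continue
        level = to_level(nxt[0]) if nxt else None
        level = DEFAULT_ACE_LEVEL if level is None else level
        # A destination passes messages at its threshold or more severe.
        findings.append({
            "acl": t[1], "level": level,
            "received": sorted(d for d, th in thresholds.items() if th >= level),
            "dropped": sorted(d for d, th in thresholds.items() if th < level),
        })
    return findings

# Constructed sample: the configuration posted in the question above.
POSTED = """\
logging enable
logging console errors
logging buffered notifications
logging trap informational
logging asdm informational
access-list access_out extended permit ip any any log debugging interval 300
"""

print(audit_acl_logging(POSTED))
```

With the posted configuration every destination appears under "dropped"; raising the trap level to debugging, or leaving the ACE at the default log level, moves "trap" into "received".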
