Hello folks -
We have an ASA 5510 and a 5520 that are at the perimeter of our network. 5510 is the f/w and the 5520 is the VPN concentrator. I have configured both these hosts to send syslog messages to a Syslog server. I am logging at the warning level and above for both these devices. However, I am receiving almost like 5K-6K messages per hour from each one of these devices.
With such a high rate of logging, can I optimally configure logging to get the useful information I need from the logs?
Any strategy or best practices for logging would be appreciated!!