Optimum levels for Logging?

Unanswered Question
Dec 9th, 2008

Hello folks -

We have an ASA 5510 and a 5520 that are at the perimeter of our network. 5510 is the f/w and the 5520 is the VPN concentrator. I have configured both these hosts to send syslog messages to a Syslog server. I am logging at the warning level and above for both these devices. However, I am receiving almost like 5K-6K messages per hour from each one of these devices.

With such a high rate of logging, can I optimally configure logging to get the useful information I need from the logs?

Any strategy or best practices for logging would be appreciated!!


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
John Blakley Tue, 12/09/2008 - 13:06

Well, you can filter your messages by doing a:

no logging message

This won't keep that message from being logged in the ASA, but it will keep it from being logged to the syslog. Then you can filter on your syslog on what you need.




This Discussion