ASA Logging is incomplete

Unanswered Question

In my ASA 8.2.1 ASDM 6.2.1 i see the hitcount for a "deny any any log" log increasing but i can not get the corresponding log entrys. Even marking the ACE and "show log" does not output a single line.

Getting the denied packet was only possible using packet capture and using Wireshark.

Using the Realtime Log Filter and issuing a filter on the IP (which will hit - no names) does not get most of the log entries.

Logging setup:

"logging enable

logging timestamp

logging buffer-size 1000000

logging asdm-buffer-size 512

logging console debugging

logging trap informational

logging asdm informational

logging queue 8192

logging host Server Syslog_Host

logging debug-trace

logging permit-hostdown

sh logging

Syslog logging: enabled

Facility: 20

Timestamp logging: enabled

Standby logging: disabled

Debug-trace logging: enabled

Console logging: level debugging, 1607454 messages logged

Monitor logging: disabled

Buffer logging: disabled

Trap logging: level informational, facility 20, 319012 messages logged

Logging to Server Syslog_Host errors: 2 dropped: 2

History logging: disabled

Device ID: disabled

Mail logging: disabled

ASDM logging: level informational, 35858704 messages logged"

On the syslog server i do not get much more relevant log entries..

What could be wrong?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Yudong Wu Thu, 10/08/2009 - 11:39

Your buffer logging is disabled. That's why you don't see anything from "show log".

"Buffer logging: disabled "


This Discussion