ASA 5520 8.22 ASDM 6.34 ACE logging not working

rgarufi
Level 1

When I right mouse click the ACE and sh log, I don't see informational ACE permits or denies in the real-time logger or anywhere else. The ACE has a log informational statement at the end, and I do see hits on the ACE.

Is this a bug? Does anyone else have the same problem?

access-list DMZ2_access_in extended permit tcp host 172.19.111.114 any eq smtp log

The rule works, but there is no permit log in the real-time viewer.

Accepted Solutions

mirober2
Cisco Employee

Hello,

Double check to see if you have 'logging asdm informational' configured. Also, do you see any hitcounts increasing on that ACE?

-Mike

Yes, the logging is set properly. See below.

logging buffered informational
logging trap GoEvent
logging asdm informational
logging mail critical

I get lots of hits but no logging. I think this is a bug. I have 20 ASAs all on 8.04 and I don't have a problem; I have 2 ASAs on 8.22 and on both I have this problem.

Anyone else? I will probably downgrade to 8.04.

Hello,


Do you see the messages in the output of 'show logg' on the ASA? How about in the main ASDM logging window on the Home tab?

Does the output of 'show logging queue' on the ASA indicate that any messages are being discarded?

-Mike

Yes, I see messages in the buffer as well as ASDM. The queue has no drops. The problem is that when I look for a particular flow in the log corresponding to an ACE, it doesn't show up.

Example: I am logging an ACE at informational. I right mouse click on that ACE and do a sh log, or go to the real-time log viewer and search for a certain flow for a deny or a permit, and it doesn't show up. The connection teardowns are being logged but not the ACL permit.

All my firewalls (20 ASA 8.04) are configured the same way for logging. I have two firewalls, one with 8.21 and one with 8.22, that have this problem.

Does anyone else see this problem?

I tried this on my ASA running 8.2(2) and using ASDM 6.3(4) and it seems to work as expected. If you try to change the logging level on the ACE to something higher (say level 3 or 4), does it show up in the real-time viewer?

-Mike

Is your ASA a 5520? I set the logging to debug as well as not, with the same result.

Mine is a 5505, but they both run the same 8.2(2) image. This sounds like an issue with ASDM if the logs are showing up fine in the ASA and ASDM buffers. There is a bug where logged ACEs at the debugging level don't show up in the real-time viewer, but it should work at the informational level. Did you get a chance to try at a level like 3 or 4 to see if they show up in the real-time viewer?

-Mike

Yes, I tried at notification also.

Thanks. I'm still waiting for Cisco.
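
The first check suggested in this thread (is each logging destination's severity high enough to carry the ACE's log level?) can be run offline against a saved configuration. The script below is an added example, not part of the original posts and not a Cisco tool; it assumes the ASA default that a bare `log` keyword on an ACE logs at informational (level 6), and the function names `to_level` and `audit` are hypothetical.

```python
import re

# ASA severity keywords; lower number = more severe. A destination set to
# level N receives messages of severity <= N.
SEVERITY = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
            "warnings": 4, "notifications": 5, "informational": 6, "debugging": 7}
DEST_RE = re.compile(r"logging (buffered|trap|asdm|mail|console|monitor|history) (\S+)")
ACE_RE = re.compile(r"access-list \S+ extended .*\slog(?=\s|$)(?:\s+(\S+))?")

def to_level(token):
    """Numeric severity for a keyword or digit; None otherwise (e.g. an event list)."""
    if token and token.isdigit() and int(token) <= 7:
        return int(token)
    return SEVERITY.get(token)

def audit(config):
    """Return [(ace_line, ace_level, {destination: verdict})] for every logged ACE."""
    dests, aces = {}, []
    for line in map(str.strip, config.splitlines()):
        if m := DEST_RE.match(line):
            dests[m[1]] = to_level(m[2])
        elif m := ACE_RE.match(line):
            if m[1] == "disable":
                continue  # 'log disable' turns ACE logging off
            level = to_level(m[1])
            # Assumption: bare 'log', 'log default' or 'log interval N' = level 6
            aces.append((line, 6 if level is None else level))
    report = []
    for line, level in aces:
        verdicts = {d: "unknown" if lim is None else
                       "shown" if level <= lim else "filtered"
                    for d, lim in dests.items()}
        report.append((line, level, verdicts))
    return report

# Constructed input: the ACE and logging lines quoted in the thread above.
SAMPLE = """\
access-list DMZ2_access_in extended permit tcp host 172.19.111.114 any eq smtp log
logging buffered informational
logging trap GoEvent
logging asdm informational
logging mail critical
"""

if __name__ == "__main__":
    for ace, level, verdicts in audit(SAMPLE):
        print(ace, "-> severity", level)
        for dest, verdict in verdicts.items():
            print(f"  logging {dest}: {verdict}")
```

A destination reported as `unknown` is one whose level is not a severity keyword or number, such as the `GoEvent` name on the `logging trap` line, so its contents have to be checked by hand.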
