Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA access list's logging

Hi,

I have ASA firewalls from which I need logs collected from few ACL rules.

logging enable

logging timestamp

logging console errors

logging buffered notifications

logging trap informational

logging asdm informational

logging facility 22

logging host inside 10.1.23.22

access-list access_out extended permit ip any any log debugging interval 300

I have this logging configuration and the a access rule to log all connections. But I dont get any logs from this access list rule or this access list. The only log I get is Built/Teardown log and some system notifications.

What is missing here, I want to get "access-list" log for connections hitting this ACL rule.

Thanks..

4 REPLIES

Re: ASA access list's logging

In your ACL, you set the log level to debugging...

Your ASA is not configure to log any message of that level. Let's say you want to send the log in the buffer, you would need to configure:

logging buffered debugging

New Member

Re: ASA access list's logging

Hi,

Thanks for the reply.

The ACL is set to debug level, and I am looking for logs to come on the syslog server, not just in the buffer.

So I am not sure what else I need to add in it.

Thanks...

Silver

Re: ASA access list's logging

Put in :

logg trap 7

Should work then.

Do rate helpful posts.

Regards,

Sushil

Silver

Re: ASA access list's logging

Why do you need "logging trap 7"? I thought

"logging trap 6" will send ACL log to the syslog

server.

I have a couple of Pix firewalls that send

ACL logs to Linux syslog server with "logging

trap 6" in the configuration.

2787
Views
0
Helpful
4
Replies