Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA Logging is incomplete

In my ASA 8.2.1 ASDM 6.2.1 i see the hitcount for a "deny any any log" log increasing but i can not get the corresponding log entrys. Even marking the ACE and "show log" does not output a single line.

Getting the denied packet was only possible using packet capture and using Wireshark.

Using the Realtime Log Filter and issuing a filter on the IP (which will hit - no names) does not get most of the log entries.

Logging setup:

"logging enable

logging timestamp

logging buffer-size 1000000

logging asdm-buffer-size 512

logging console debugging

logging trap informational

logging asdm informational

logging queue 8192

logging host Server Syslog_Host

logging debug-trace

logging permit-hostdown

sh logging

Syslog logging: enabled

Facility: 20

Timestamp logging: enabled

Standby logging: disabled

Debug-trace logging: enabled

Console logging: level debugging, 1607454 messages logged

Monitor logging: disabled

Buffer logging: disabled

Trap logging: level informational, facility 20, 319012 messages logged

Logging to Server Syslog_Host errors: 2 dropped: 2

History logging: disabled

Device ID: disabled

Mail logging: disabled

ASDM logging: level informational, 35858704 messages logged"

On the syslog server i do not get much more relevant log entries..

What could be wrong?

1 REPLY

Re: ASA Logging is incomplete

Your buffer logging is disabled. That's why you don't see anything from "show log".

"Buffer logging: disabled "

180
Views
0
Helpful
1
Replies
CreatePlease to create content