Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA logging to the syslog server

Hi,

I've configured following the ASA:

pager lines 24

logging enable

logging timestamp

logging buffer-size 512000

logging asdm-buffer-size 512

logging monitor informational

logging buffered informational

logging trap debugging

logging asdm informational

logging debug-trace

no logging message 106015

no logging message 313001

no logging message 313008

no logging message 106023

no logging message 710003

no logging message 106100

no logging message 302015

no logging message 302014

no logging message 302013

no logging message 302018

no logging message 302017

no logging message 302016

no logging message 302021

no logging message 302020

flow-export destination INSIDE 10.1.10.43 9996

flow-export template timeout-rate 1

access-list DMZ_NW extended permit tcp host 1.1.1.1 host 1.1.1.1 eq 1 log

access-list DMZ_NW extended permit udp host 1.1.1.1 host 1.1.1.1 eq 1 log

access-list DMZ_NW extended permit icmp host 1.1.1.1 host 1.1.1.1 echo log

access-list DMZ_NW extended permit ip any 12.26.0.0 255.255.0.0 log

access-list DMZ_NW extended permit ip any 17.14.0.0 255.255.0.0 log

access-list DMZ_NW extended permit ip any 15.28.0.0 255.255.0.0 log

access-list DMZ_NW extended permit ip any any

access-group DMZ_NW in interface DMZ

as per above ACL, I want to log all traffice to those subnets but the syslog server isn't showing that longging information. it only shows generic messeges of local.debug.

could you advise please how do I send all logging of all "log" to the syslog server?

Thank you.

5 REPLIES

ASA logging to the syslog server

Hello Gavin,

Please add:

logging host inside  10.1.10.43 ( If that is the syslog server)

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

ASA logging to the syslog server

HI,

I made the chage so I see a little more detail now (i.e. i see only source IP address in logging, I don't see destination IP address in the logging). how do I configure it so that it will show source, destination IP and source & destination port.

Thanks...

ASA logging to the syslog server

Hello,

Please add -  logging facility 23 command.

I mean you already have the debugging level for the server.

What kind of syslog server are you using?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

ASA logging to the syslog server

Hi Julio, Thanks for your reply. I just entered that command you recommended. I'm using "kiwi" syslog server. which one is recommended?

Thanks again,

Gavin.

ASA logging to the syslog server

Hello Gavin,

the Kiwi syslog is fine, are you getting the debuggin level messages (7), I mean you are logging everything you should see what you are looking for.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
1177
Views
0
Helpful
5
Replies
CreatePlease to create content