Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA logs

Hi..

I am facing issue with accessing firewall syslog files.the size is around 2GB.It says i need to open it with another editor rather than notepad.I tried with wordpad but it hungsup.

Any suggestions on this.Also i have heard that the logs are stored by date( a day each) in seperate log files.How do i enable that?

Thanks in advance!

11 REPLIES
Silver

Re: ASA logs

The best syslog would be syslog-ng which will give the ability to rotate the log file at certain size, date, etc... If you have multiple firewalls, syslog-ng can store logs in separate files.

syslog-ng comes free with most Linux distribution

Re: ASA logs

Any application will have trouble opening a 2GB log file. Try using a syslog server like RSyslog (http://www.rsyslog.com/) it also has a web front-end so you can view a log and filter the results. If you want to have each device as a separate log file, you will need to configure it in your conf file on your server.

Hope that helps.

New Member

Re: ASA logs

ok..not each device as seperate log file...same device but it would give seperate log files for each day..is there a way on this..

thanks!

Re: ASA logs

Sure, again it would be configured in the syslog conf file.

Silver

Re: ASA logs

This is why "splunk" was developed.

New Member

Re: ASA logs

For viewing large syslog files, or any large text file for that matter, I like UltraEdit. UltraEdit can handle and edit files in excess of 4 gigabytes.

It's fairly inexpensive and has tons of great attributes that make it worth every penny!!!

Re: ASA logs

UltraEdit is the best text editor out there, however even it has problems with a 2GB file (probably more the PC than the app). I also use GSplit to take the file and break it up. Excel and it's Auto Filter option are very useful as well.

Silver

Re: ASA logs

Why would anyone want to view a >2GB file is beyond me. Perl, MySQL, awk and grep were developed for extracting from large file like this.

New Member

Re: ASA logs

thanks for the inputs..another query.

how do you stop the logs being continually generated/updated to the particular text file inside the system logs from the device.

I am trying to delete the log file...but it says something else is using this,probably the firewall is generating logs into this.

Any ideas on this..how do we stop this for sometime..do i need to configure anything on firewall for this?

Thanks!!

New Member

Re: ASA logs

Any ideas on stopping the above!

thanks!!

Re: ASA logs

You either have to stop syslog from the firewall, stop it on the server or copy the log file and read the copied file.

316
Views
8
Helpful
11
Replies
CreatePlease to create content