Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA5505 Notification Messages Not DIsplaying

i have two of these, one is installed in my home and the other is installed at work.  i haveset up a syslog server to capture and store the messages from the 5505.  in the asa logging setup i have the severity levels set to filter out the debug and informational  level messages.  for some reason, the notification level messages, which display all the browsing activity of the network clients - have stopped displaying in the asdm console, these have been displaying religiously for several months now.  due to this, the syslog server which i am using to store the logs does not have the information either.  i'm not sure why they have stopped.  the asdm version is 7.1(3) and the asa version is 9.1(2) on both asa devices.

  • Firewalling
1 ACCEPTED SOLUTION

Accepted Solutions
VIP Green

ASA5505 Notification Messages Not DIsplaying

syslog ID 710001 and 710002 are part of the 3 way handshake so you might want to start by checking that these are set to the right level.

http://www.cisco.com/en/US/docs/security/asa/syslog-guide/asa-syslog.pdf

But from your running config it doesn't look like any of the logging message IDs have been altered from their default settings.

If you change the logging level to informational, do you see the expected logs then?

Perhaps if you tried removing the logging configuration and then re-adding it again.

--
Please remember to rate and select a correct answer

-- Please remember to rate and select a correct answer
9 REPLIES
VIP Green

Re: ASA5505 Notification Messages Not DIsplaying

Has logging been turned off by accident perhaps? check using the CLI...not the ASDM.

--
Please remember to rate and select a correct answer

-- Please remember to rate and select a correct answer
New Member

Re: ASA5505 Notification Messages Not DIsplaying

that was the first thing i checked.  i have logging enabled and the severity level set to Notifications.  if i set the trap level to debug or informational, i get the typical flood of messages but no notification messages.  this is what i have set for logging:

logging enable

logging timestamp

logging asdm-buffer-size 512

logging trap notifications

logging asdm notifications

logging facility 16

logging queue 1024

logging host inside 192.168.2.100

logging permit-hostdown

Super Bronze

ASA5505 Notification Messages Not DIsplaying

Hi,

I guess on Notifications level you would essentially only see Deny messages of traffic blocked by interface ACL.

Informational messages by default contain connection/translation build/teardown messages.

Have you perhaps configured separate logging setting on the actual ACL rules that might have been modified so that they stopped logging?

- Jouni

New Member

ASA5505 Notification Messages Not DIsplaying

i have checked a few times for an errant setting but i must be blind in one eye and can't see out of the other as nothing stands out as being wrong.  not sure what to look for.

VIP Green

ASA5505 Notification Messages Not DIsplaying

Would you be able to post a full sanitised running config for us to look over?

--
Please remember to rate and select a correct answer

-- Please remember to rate and select a correct answer
New Member

ASA5505 Notification Messages Not DIsplaying

i will put a sanitized copy of the running config up but it will take me about 5 more hours before i am able to do so... thanks for taking the time to look at this...

New Member

Re: ASA5505 Notification Messages Not DIsplaying

hi Marius,

before posting the running configuration...  in the configuration -> device management -> syslog setup there are hundreds of syslog id's with their various logging levels set.  the problem we've been dealing with is the level 5 messages - Notifications.  browsing through this level via a doc from the cisco website it appears there are many messages set to level 4 and higher for the logging level.  i do not know the actual syslog id's that are used to log web browsing activity but do you suppose this could be a cause for my dilemma?  if so, which of the id's are used for trapping the logs for web browsing?

here is the "sanitized" version of my running configuration      

VIP Green

ASA5505 Notification Messages Not DIsplaying

syslog ID 710001 and 710002 are part of the 3 way handshake so you might want to start by checking that these are set to the right level.

http://www.cisco.com/en/US/docs/security/asa/syslog-guide/asa-syslog.pdf

But from your running config it doesn't look like any of the logging message IDs have been altered from their default settings.

If you change the logging level to informational, do you see the expected logs then?

Perhaps if you tried removing the logging configuration and then re-adding it again.

--
Please remember to rate and select a correct answer

-- Please remember to rate and select a correct answer
New Member

ASA5505 Notification Messages Not DIsplaying

hi marius...  i discovered the issue last night... For some reason, the http service policy and the http inspection map disappeared.  i recreated them and all is good… the only issue now since it's working is i can't remember how i had it setup to display on the asdm console the source ip, source port, destination ip and destination port.  anyway, i'll post that into a new request after i take a little time to read up...  thanks for the help

265
Views
0
Helpful
9
Replies
This widget could not be displayed.