Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

FWSM and failover syslog messages.

Hello.

I need to add a new syslog server on my FWSM to send it only failover related messages.

Any ideas?

Thanks.

Regards.

Andrea

1 ACCEPTED SOLUTION

Accepted Solutions

Re: FWSM and failover syslog messages.

Hello Andrea,

The think with this kind of setups is that the ASA will send all the messages belonging to that class to all of the syslog servers or will not send them at all.

So at this point its not supported.

Regards,

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
9 REPLIES

FWSM and failover syslog messages.

Hello Andrea,

-Lets start saying that the failover event messages belong to level 1 (alert).

-If you want to enable logging for the stand by unit please enter the command: Logging standby

Now if you want just to get the failover messages you could create a logging list for the messages you want to monitor.

Here are the syslog messages available, you will need to decide witch ones are you going to monitor and create the syslog lis:.

http://tools.cisco.com/squish/cb7Dc

Logging list test xxxx message #

Logging list test xxxx message #

Logging list test xxxx message #

Hope this helps, any other question just let me know.

Please rate helpful posts,

Kind regards,

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Re: FWSM and failover syslog messages.

Hello Julio and many thanks for your help.

We are using more than one syslog servers. Now we need to add a new syslog server and send to it only the ha related messages.

I prefered to use class filtering like this

logging class ha mail alerts

but I do not understand how I can send these messages to only one server and not to all.

Now we are using mail with

logging mail alerts

logging from-address blade@test.com

logging recipient-address andrea@test.com level alerts

snmtp-server 1.1.1.1

Regards.

Andrea

Re: FWSM and failover syslog messages.

Hello Andrea,

The think with this kind of setups is that the ASA will send all the messages belonging to that class to all of the syslog servers or will not send them at all.

So at this point its not supported.

Regards,

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Re: FWSM and failover syslog messages.

Many thanks Julio.

Regards.

Andrea

New Member

Re: FWSM and failover syslog messages.

Hello.

Sorry, but with this config

logging enable

logging standby

logging mail alerts

logging from-address fwsm@test.it

logging recipient-address fm.net@test.it level alerts

logging class ha mail alerts

smtp-server 10.0.0.1

I'm not able to receive any ha syslog related messages.

Any ideas?

Thanks.

Regards.

Andrea

FWSM and failover syslog messages.

Hello Andrea,

But you are still getting other messages right?

You are just not getting the HA messages?

Regards,

Julio

Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Re: FWSM and failover syslog messages.

Hello Julio.

Yes, my syslog servers are receiving all messages, ha related also.

I'm not receiving mail notification about ha.

Show logging command reports that messages are logged by mail.

FWSMs are running application image version 4.1(7).

Regards,

Andrea

Re: FWSM and failover syslog messages.

Hello Andrea,

Some times the Syslog daemon used by the ASA migth get stuck, so lets take out the email configuration and do it one more time but this time using a higher level of trap.

no logging enable

no logging standby

no logging mail alerts

no logging from-address fwsm@test.it

no logging recipient-address fm.net@test.it level alerts

no logging class ha mail alerts

Logging enable

logging standby

logging mail list example

logging from-addresfwsm@test.it

logging recipient-addresfm.net@test.i

logging list example level notifications class ha

Please give it a try and let me know.

Regards,

Julio


Looking for some Networking Assistance? Contact me directly at jcarvaja@laguiadelnetworking.com I will fix your problem ASAP. Cheers, Julio Carvajal Segura http://laguiadelnetworking.com
New Member

Re: FWSM and failover syslog messages.

Hello Julio.

Sorry for my later reply.

Now, we are using application software version 4.1(6) with multiple contexts.

Using the admin context I configure the logging facility with

logging enable

logging asdm informational

logging mail alerts

logging from-address fw-csc1@dominio.it

logging recipient-address andrea@dominio.it level alerts

logging class ha mail alerts

but I'm receiving only the monitoring interface messages

<161>%FWSM-1-105003: (Secondary_group_1) Monitoring on interface P2P-FW-CSC1 waiting

How can I receive message like "Switching to...".

Thanks.

Regards.

Andrea

720
Views
0
Helpful
9
Replies