Cisco Support Community
New Member

sending logging to syslog server

I'm being asked to send logs from an ASA5510 to a syslog server on port 40991 that's behind an interface with a security level of 50.

At this point it's not working. The syslog server is 192.168.233.43, and it's behind an interface named APP with a security level of 50.

I thought that all that would be required is the following:

(config)logging host app 192.168.233.43 tcp/40991

Can someone please advise?

4 REPLIES
Cisco Employee

Re: sending logging to syslog server

You also need

logging trap debug

or whatever level you need to send to the syslog server.

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/l2.html#wp1772754

-KS

Cisco Employee

Re: sending logging to syslog server

And also make sure you have logging enable.

So to summarize:

logging enable

logging trap debug

logging host app 192.168.233.43 tcp/40991 (make sure the syslog server is listening on TCP 40991 and not on UDP port 514)

I hope it helps.

PK

New Member

Re: sending logging to syslog server

Since the security level is 50 for the APP interface that the server is located behind, do I need an ACL?

Cisco Employee

Re: sending logging to syslog server

Greg,

ACL applied on the interface is only for "THROUGH" the box traffic. syslog is "FROM and TO" the box traffic.

No need for acl. Just the logging on, logging trap and logging host lines are required.

Once done, issue "sh logg" and see if the firewall shows the number of log messages sent to the syslog server.

-KS
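
A minimal receiver for checking that the ASA is actually delivering to TCP 40991, added here as an example and not posted by anyone in the thread. It assumes newline-delimited messages tagged `%ASA-<severity>-<id>:` with an optional `<PRI>` prefix; the function names and the sample lines are constructed for illustration.

```python
import re
import socketserver
from collections import Counter

# Assumed shape: optional "<PRI>", optional timestamp, then "%ASA-<sev>-<id>: text"
ASA_RE = re.compile(rb"^(?:<(\d{1,3})>)?.*?%ASA-(\d)-(\d+): (.*)$")

# Constructed sample stream (not captured from a real device)
SAMPLE = (
    b"<166>%ASA-6-302013: Built outbound TCP connection (constructed)\n"
    b"<167>Jan 01 2010 10:00:00: %ASA-7-609001: Built local-host (constructed)\n"
    b"<164>%ASA-4-106023: Deny tcp (constructed)\n"
    b"not a syslog line\n"
)

def parse_asa_line(line):
    """Return (facility, severity, msg_id, text), or None for non-ASA input."""
    m = ASA_RE.match(line.strip())
    if not m:
        return None
    pri, sev, msg_id, text = m.groups()
    facility = int(pri) >> 3 if pri else None  # PRI = facility * 8 + severity
    return facility, int(sev), msg_id.decode(), text.decode(errors="replace")

def count_by_severity(stream):
    """Count ASA messages per severity in a newline-delimited byte stream."""
    counts = Counter()
    for line in stream.split(b"\n"):
        parsed = parse_asa_line(line)
        if parsed:
            counts[parsed[1]] += 1
    return dict(counts)

class Handler(socketserver.StreamRequestHandler):
    def handle(self):
        # One message per line; print what parsed and flag what did not
        for line in self.rfile:
            print(self.client_address[0], parse_asa_line(line) or ("UNPARSED", line))

def serve(host="0.0.0.0", port=40991):
    """Listen on the TCP port named in the thread until interrupted."""
    socketserver.ThreadingTCPServer.allow_reuse_address = True
    with socketserver.ThreadingTCPServer((host, port), Handler) as srv:
        srv.serve_forever()

if __name__ == "__main__":
    print(count_by_severity(SAMPLE))  # self-check on the constructed sample
    serve()
```

With a TCP `logging host`, the ASA by default denies new connections while the syslog server is unreachable unless `logging permit-hostdown` is configured, so confirm the listener is up before applying the change.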
