05-08-2009 11:50 AM - edited 03-11-2019 08:29 AM
I want my ASA 5540 having OS 7.x to log only telnet and console login informations to my external kiwi syslog software
I have typed
logging host inside 10.1.1.1
and then I have set the logging trap to informational
I only want line vty and console logins to be sent to syslog server
05-08-2009 12:50 PM
Here's a list of logging messages:
http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logsevp.html#wpxref25608
Find the message numbers that you want to log. Then, what you'll need to do is set up the types of messages that you want to log:
Create a logging list:
logging list SYSLOG level errors
Then add the messages that you want to log in addition to errors and below:
logging list SYSLOG message 211001
logging list SYSLOG message 106001-106007
Then apply:
logging monitor SYSLOG
logging trap SYSLOG
HTH,
John
05-08-2009 02:08 PM
That's cool John, never knew you could do that.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: