03-20-2009 03:08 AM
I am logging ASA syslog messages and im filtering on "notifications" I have one access rule that I do not want to recive any syslog notifications messages from. I have dissabled logging on this paticular access rule but still recive syslog messages relating to it.
Here is my config -
logging enable
logging standby
logging emblem
logging trap notifications
logging asdm informational
logging host management x.x.x.x format emblem
logging permit-hostdown
access-list acl_out line 26 extended permit tcp object-group ExampleGroup any object-group ExampleTCPGroup log disable
Any ideas?
Thanks
Tim
03-20-2009 03:17 AM
Tim
What you have posted indicates that this line is disabled. In that case I am very puzzled that it can generate any syslog messages.
I would suggest that you might try rewriting the line to remove the log option:
extended permit tcp object-group ExampleGroup any object-group ExampleTCPGroup
Give that a try and let us know how it works.
HTH
Rick
03-20-2009 05:52 AM
Hi Rick
I have tried what you have suggested with no luck.
I have tried disabling logging on other lines also and still get syslog messages logged.
Cheers
Tim
03-20-2009 08:04 AM
Tim
Perhaps we might find a more effective suggestion if you would post a more complete config. It might also be helpful if you would post an example of the message as it appears in syslog.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: