Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Concentrator filterable event logs in ASA?

Hi,

On the concentrator it had a great tool caleld "filterable event logs" to see why users were having issues logging on the VPN and the same for the site-to-site links.

How can I do this on the ASA 5520?

Thanks

8 REPLIES

Re: Concentrator filterable event logs in ASA?

You can filter on anything in the log, goto:-

Monitor> Logging> Real-Time log viewer

then in the "Filter By" box enter what you want to find/see.

HTH>

New Member

Re: Concentrator filterable event logs in ASA?

Thanks Andrew,

But how can I just show VPN related information?

Thanks

Re: Concentrator filterable event logs in ASA?

Monitoring> VPN> VPN Statistics>

HTH>

New Member

Re: Concentrator filterable event logs in ASA?

I'm look for information as to when users put in incorrect passwords/username, or the SA's are wrong on a Site-to-Site tunnel etc, just like the concentrator did?

Re: Concentrator filterable event logs in ASA?

You can search the logs for the syslog id's:-

1) 713120 - VPN creation and PHASE 2 sucess auth

2) 713050 - VPN termination

HTH>

New Member

Re: Concentrator filterable event logs in ASA?

My real-time logger appears blank (debugging), but my log buffer (debugging) is full information but very slow, which should I use?

Re: Concentrator filterable event logs in ASA?

The choice is yours - you should check your config to the real time logging.

HTH>

Re: Concentrator filterable event logs in ASA?

You can also create a logging list for a particular 'class' like FAILOVER, VPNs etc. and then either send it to syslog/email etc. or raise its level to something very low (like level 1 or2). Then just turn on buffer logging or monitor logging for that particular level. This way you will filter all the level 4/5/6 messages of permit/deny/acl logging.

Regards

Farrukh

153
Views
0
Helpful
8
Replies