Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ASA Logging

I have been experiencing some problems at a customer site with a Cisco ASA 5510 where a reboot clears the problem. I am setting up a syslog server to capture the events in  the hope that TAC can assist after the reboot using the captured logs.

My issue right now is that setting the logging to debugging or informational generates a large file in a short time. Given the situation what is the best option when selecting a logging trap so that when TAC reviews the file it is useful to them.

Thanks.

3 REPLIES
Hall of Fame Super Silver

Cisco ASA Logging

When logging is set to informational or debug the ASA certainly does generate a lot of log messages. Perhaps an option to consider would be to set console logging to informational or debug and then to connect a PC to the console running some terminal emulator that allows you to specify a fairly large buffer for its screen display. (I like SecureCRT because it allows me to do this and probably there are other emulators that allow this also).

Let the logging to the console run until the problem happens. When the problem happens, go to the PC and do a copy paste of the content of the screen buffer to a file and send the file to TAC. I have done this before and it worked pretty well for me.

HTH

Rick

New Member

Cisco ASA Logging

Great idea. I will let my customer know. Not usre it will be viable though as the ASA is in a data center.

Thanks for the advice though!

Hall of Fame Super Silver

Cisco ASA Logging

Some of my customers with data center implementations have terminal servers implemented to provide out of band management. Is it possible that your customer data center has some terminal servers implemented and that one might be used to provide access to the console of the ASA? That removes the dependency on the monitoring PC being physically present at the ASA.

HTH

Rick

788
Views
0
Helpful
3
Replies