Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
501
Views
0
Helpful
2
Replies

ASA Syslog Options

GREG HARPER
Level 1
Level 1

‎04-21-2010 12:10 PM

In the ASA reference manual is says you can send certain syslog messages to the syslog server and cut out unwanted ones.  For example the below command came from the manual, can anyone tell me what the format is for the "message_list" option?

In other words, if I just want to see timestamps and session information for remote access users going to my syslog server how would I set that up within the ASA?

logging trap {severity_level | message_list}

Thanks,

glh

Labels:
0 Helpful
2 Replies 2

Jennifer Halim
Cisco Employee
Cisco Employee

‎04-21-2010 07:22 PM

You can send all the syslog messages for remote vpn client only to your syslog server as follows:

logging list vpn-log level debugging class vpnc
logging trap vpn-log

OR/ alternatively, if you know exactly which syslog messages you are after, you can configure it this way:

logging list vpn-list message 611101

logging trap vpn-list

The vpn client syslog is within the 611xxx range, and here is the syslog for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4774570

Hope that helps.

0 Helpful

GREG HARPER
Level 1
Level 1
In response to Jennifer Halim

‎04-22-2010 08:20 AM

Can I also send the critical and/or error messages as well as the vpnc messages to the syslog server?  If yes, what would that configuration look like?

Thanks for your response this is a big help!

glh

0 Helpful
Customers Also Viewed These Support Documents