topic Logging level that will show when rules are added/changed/deleted? in Network Security https://community.cisco.com/t5/network-security/logging-level-that-will-show-when-rules-are-added-changed/m-p/2340193#M343735 <P>What level of logging on the ASA will enable the syslog to see when a firewall rule has been changed?&nbsp; I know debugging on the config level should be able to, but I don't want to put my firewall through that level of logging for everything.</P><P></P><P>any help would be greatly appreciated!</P> Tue, 12 Mar 2019 02:32:19 GMT lcnorwood 2019-03-12T02:32:19Z Logging level that will show when rules are added/changed/deleted? https://community.cisco.com/t5/network-security/logging-level-that-will-show-when-rules-are-added-changed/m-p/2340193#M343735 <P>What level of logging on the ASA will enable the syslog to see when a firewall rule has been changed?&nbsp; I know debugging on the config level should be able to, but I don't want to put my firewall through that level of logging for everything.</P><P></P><P>any help would be greatly appreciated!</P> Tue, 12 Mar 2019 02:32:19 GMT https://community.cisco.com/t5/network-security/logging-level-that-will-show-when-rules-are-added-changed/m-p/2340193#M343735 lcnorwood 2019-03-12T02:32:19Z Logging level that will show when rules are added/changed/delete https://community.cisco.com/t5/network-security/logging-level-that-will-show-when-rules-are-added-changed/m-p/2340194#M343743 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Would seem to me that you would be looking for Syslog messages with the following IDs</P><P></P><UL><LI>111008 (level 5 = Notifications)</LI><LI>111009 (level 7 = Debugging)</LI><LI>111010 (level 5 = Notifications)</LI></UL><P></P><P>Source:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/syslog-guide/logmsgs.html#wp4769400">http://www.cisco.com/en/US/docs/security/asa/syslog-guide/logmsgs.html#wp4769400</A></P><P></P><P>You can also change a level of a particular Syslog ID without changing the global level configured for certain destination</P><P></P><P>Lets say you wanted the change the above Debugging level message changed to the Notifications level you would configure</P><P></P><P><STRONG>logging message 111009 level notifications</STRONG></P><P></P><P>I am not completely sure would you also need to add these to specify how many of such log messages could be generated and in what timeframe. Though there is an option for <STRONG>"unlimited"</STRONG> also. <SPAN __jive_emoticon_name="plain" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/tiny_mce3/plugins/jiveemoticons/images/spacer.gif"></SPAN></P><P></P><P><STRONG>logging rate-limit <NUMBER of="" log="" messages=""> <TIME interval=""> message 111009</TIME></NUMBER></STRONG></P><P><STRONG>logging rate-limit </STRONG><STRONG><NUMBER of="" log="" messages=""> <TIME interval=""></TIME></NUMBER></STRONG><STRONG> message 111008</STRONG></P><P><STRONG>logging rate-limit </STRONG><STRONG><NUMBER of="" log="" messages=""> <TIME interval=""> </TIME></NUMBER></STRONG><STRONG>message 111010</STRONG></P><P></P><P></P><P>- Jouni</P></BODY></HTML> Thu, 29 Aug 2013 15:14:04 GMT https://community.cisco.com/t5/network-security/logging-level-that-will-show-when-rules-are-added-changed/m-p/2340194#M343743 Jouni Forss 2013-08-29T15:14:04Z