https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227470#M348538 <HTML><HEAD></HEAD><BODY><P>Hello Gavin,</P><P></P><P>Well, my question is :</P><P></P><P>Would you like to log Permits as well... Or just Denies:</P><P></P><P>I would say just denies right?</P><P></P><P>If that is the case then by default it's gonna happen,</P><P></P><P>What is not gonna happen is the Logging for the last implicit deny rule so you will need to add it manually</P><P>access-list test deny ip any any log</P><P></P><P>Then you will get all the logs for traffic being denied across your firewall</P><P></P><P>Regards,</P><P></P><P>Julio</P><P></P><P><STRONG>Hey Remember to rate all of the helpful posts</STRONG></P></BODY></HTML> Fri, 07 Jun 2013 16:30:03 GMT Julio Carvajal 2013-06-07T16:30:03Z https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227466#M348533 <P>Hi,</P><P>on cisco ASA, I've to <SPAN style="font-size: 10pt;">enable syslog debug level 7 and send logs to syslog. how to do that?</SPAN></P> Tue, 12 Mar 2019 01:53:58 GMT https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227466#M348533 gavin han 2019-03-12T01:53:58Z https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227467#M348534 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Logging enable</P><P>logging host inside x.x.x.x</P><P>logging trap 7</P><P>logging facility 23</P><P></P><P>Regards</P></BODY></HTML> Thu, 06 Jun 2013 20:25:29 GMT https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227467#M348534 Julio Carvajal 2013-06-06T20:25:29Z https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227468#M348535 <HTML><HEAD></HEAD><BODY><P>Thx. Would I need to add log for each ACL line? Ive ACL of more than 3000 lines so it would tough to write log for each acl line. Any alternative?<BR /><BR /><BR />Sent from Cisco Technical Support Android App</P></BODY></HTML> Fri, 07 Jun 2013 12:39:15 GMT https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227468#M348535 gavin han 2013-06-07T12:39:15Z https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227469#M348536 <HTML><HEAD></HEAD><BODY><P>Unless you have been fiddling with logging levels previously, most ACE's will be using the cisco default logging, and at debug/7 level most of those will generate syslog entries.&nbsp; Don't forget that "show access-list" will show hits counts for the individual entries as well, independently of any syslog output.</P><P></P><P>Lastly, if a reload is an option, in your situation what I would do if modifying 3k lines was needed is:</P><P>&nbsp; 1) copy startup-config a.txt</P><P>&nbsp; 2) export a.txt by TFTP or SSH or USB or whatever</P><P>&nbsp; 3) edit the configuration using offline tools with regular-expression capabilities such as textpad (windows) or vi or emacs or perl or ...</P><P>&nbsp; 4) import the revised b.txt config</P><P>&nbsp; 5) copy b.txt startup-config and reload</P><P></P><P>-- Jim Leinweber, WI State Lab of Hygiene</P></BODY></HTML> Fri, 07 Jun 2013 14:33:48 GMT https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227469#M348536 James Leinweber 2013-06-07T14:33:48Z https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227470#M348538 <HTML><HEAD></HEAD><BODY><P>Hello Gavin,</P><P></P><P>Well, my question is :</P><P></P><P>Would you like to log Permits as well... Or just Denies:</P><P></P><P>I would say just denies right?</P><P></P><P>If that is the case then by default it's gonna happen,</P><P></P><P>What is not gonna happen is the Logging for the last implicit deny rule so you will need to add it manually</P><P>access-list test deny ip any any log</P><P></P><P>Then you will get all the logs for traffic being denied across your firewall</P><P></P><P>Regards,</P><P></P><P>Julio</P><P></P><P><STRONG>Hey Remember to rate all of the helpful posts</STRONG></P></BODY></HTML> Fri, 07 Jun 2013 16:30:03 GMT https://community.cisco.com/t5/network-security/enable-syslog-debug-level-7-and-send-logs-to-syslog/m-p/2227470#M348538 Julio Carvajal 2013-06-07T16:30:03Z