https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515622#M609129 <HTML><HEAD></HEAD><BODY><P>Since the security level is 50 for the APP interface that the server is located behind do I need and ACL?</P></BODY></HTML> Thu, 14 Oct 2010 20:37:41 GMT w951duu 2010-10-14T20:37:41Z https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515619#M609120 <P>I'm being asked to send logs from an ASA5510 to a syslog server on port 40991 thats behind an interface with a security level of 50.</P><P></P><P></P><P>At this point it's not working, the syslog server is 192.168.233.43 and it's behind an interface named APP with a security level of 50</P><P></P><P>I thought that all that would be required is the following:</P><P></P><P><SPAN class="mediumtext">(config)logging host app 192.168.233.43 tcp/40991</SPAN></P><P></P><P>Can someone please advise?</P> Mon, 11 Mar 2019 18:54:21 GMT https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515619#M609120 w951duu 2019-03-11T18:54:21Z https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515620#M609123 <HTML><HEAD></HEAD><BODY><P>You also need</P><P>loggin trap debug</P><P></P><P>or what ever level you need to send to the syslog server.</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/l2.html#wp1772754">http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/l2.html#wp1772754</A></P><P></P><P>-KS</P></BODY></HTML> Thu, 14 Oct 2010 19:20:48 GMT https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515620#M609123 Kureli Sankar 2010-10-14T19:20:48Z https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515621#M609125 <HTML><HEAD></HEAD><BODY><P></P><P>And also make sure you have logging enable.</P><P></P><P>So to summarize:</P><P></P><P>logging enable</P><P>logging trapp debug</P><P>logging host app 192.168.233.43 tcp/40991 (make sure the syslog server is listening on TCP 40991 and not on UDP port 514)</P><P></P><P>I hope it helps.</P><P></P><P>PK</P><DIV> </DIV><P></P></BODY></HTML> Thu, 14 Oct 2010 19:37:55 GMT https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515621#M609125 Panos Kampanakis 2010-10-14T19:37:55Z https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515622#M609129 <HTML><HEAD></HEAD><BODY><P>Since the security level is 50 for the APP interface that the server is located behind do I need and ACL?</P></BODY></HTML> Thu, 14 Oct 2010 20:37:41 GMT https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515622#M609129 w951duu 2010-10-14T20:37:41Z https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515623#M609132 <HTML><HEAD></HEAD><BODY><P>Greg,</P><P>ACL applied on the interface is only for "THROUGH" the box traffic. syslog is "FROM and TO" the box traffic.</P><P></P><P>No need for acl. Just the logging on, logging trap and logging host lines are required.</P><P>Once done issue "sh logg" and see if the fiirewall shows the number of log messages sent to the syslog server.</P><P></P><P>-KS</P></BODY></HTML> Fri, 15 Oct 2010 00:57:20 GMT https://community.cisco.com/t5/network-security/sending-logging-to-syslog-server/m-p/1515623#M609132 Kureli Sankar 2010-10-15T00:57:20Z