Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4638
Views
0
Helpful
4
Replies

Problem sending debug output to a syslog server

Alejandro Sanchez
Level 1
Level 1

‎09-12-2012 02:11 AM - edited ‎03-11-2019 04:53 PM

Hi,

i am having a problem when a tried to send the output from a debug command to my syslog server with the logging debug-trace command.

I already have a syslog server getting all the notification level logs from my ASA cluster.

When i enter the command debug fover fail, i can see on the terminal session all theoputput m,essgaes from that commnad, but when i type debug-trace, the debug messages disappear from monitor and they aren´t redirect to my syslog server. I analyze the traffic arriving to my syslog server with tcpdump, and the messages from the debug command are not being send to the syslog server.

I should say i also have a netflow collector active.

I attached the sh run logging output, maybe it can help:

logging enable

logging timestamp

logging standby

logging buffer-size 8096

logging monitor errors

logging buffered warnings

logging trap notifications

logging asdm errors

logging mail alerts

logging from-address xxxxxxx

logging recipient-address xxxxxxx level alerts

logging facility 16

logging host ADAM-MANAG 192.168.50.8

logging debug-trace

logging permit-hostdown

Could someone help me with this?

Thanks in advance

Labels:
0 Helpful
4 Replies 4

varrao
Level 10
Level 10

‎09-12-2012 02:51 AM

What is the ASA version that you are using?

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao
0 Helpful

Alejandro Sanchez
Level 1
Level 1
In response to varrao

‎09-12-2012 02:59 AM

Hi Varun,

sorry i forgot to mention that the ASA version is 8.3(2).

Thanks,

0 Helpful

gurpsin2
Level 1
Level 1

‎09-12-2012 06:45 AM

Hi Alejandro,

Use the command "logging traps debugging", "logging debug-trace", since you are using level notifications for sending traps to syslog server, normal and significant conditions logs will be sent, for failover events, we need to send debugging messages to the server. let me knw if it works

Regards

Gurpreet

0 Helpful

Alejandro Sanchez
Level 1
Level 1
In response to gurpsin2

‎09-13-2012 01:17 AM

Hi Gurpreet,

thank you very much for your reply.

When i enter the command logging trap debugging and logging debug-trace , I can see in my syslog server messages with  the tag 711001 coming from the debug fover fail command, but I also get a bunch of other information i don´t want (all the debug level messages).

As far as I know, the debug-trace command redirect just the debug output from commands that you specifically enter in order to trace and debug a problem, but this is not the case, in order to make this work i have to enable the debugging trap level.

Is it something I am doing wrong , or I misunderstand?

Regards,


0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card