cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2613
Views
4
Helpful
4
Replies

ASA 5510 ASDM show log on access-list empty

Ivan Tesselaar
Level 1
Level 1

I created some acess-lists, and you can assign a logging level to this access-list. Now this ACL has a lot of hits, so i want to see whats happening. Only the log I then see is completely empty. I cannot figure out how to get some info in that log.

ASA - show log.png ASA - Log Viewer.png

I think there is some global logging setting i probably need to enable in order to get anything logged at all, but i cannot figure out which.

1 Accepted Solution

Accepted Solutions

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

I think it will probably need the ASDM logging level set to informational. Though if you have already checked logs through ASDM it should probably already be there?

Check if you have

logging asdm informational

In your configurations

- Jouni

View solution in original post

4 Replies 4

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

I think it will probably need the ASDM logging level set to informational. Though if you have already checked logs through ASDM it should probably already be there?

Check if you have

logging asdm informational

In your configurations

- Jouni

I have: logging asdm alerts

Probably to low?

Hi,

Alerts is Severity 1

Informational is Severity 6

I imagine if you changed the ACL rules level to Alerts it would start to show on the ASDM log.

Other option is to change the "logging asdm informational"

Or perhaps changing the ACL rule to "notifactions" and configuring "logging asdm notifications" if you generally want to see a low amount of logs on the ASDM. I have not had much need to change the ASDM logging level from the Informational / Debugging level.

- Jouni

I want to see if the ACL is hit, and what hits it. The minimum for this is informational.

But I sont really like to raise the "general" level much higher, because the logging on the Home view is very busy then. But this configuration made it work. I sont really understand why cisco made it this way. This is also a big strain on the processor.

Thanks for your help!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: