Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1504
Views
0
Helpful
6
Replies

ASA logging on ADSM and syslog server

Andy White
Level 3
Level 3

‎04-24-2012 01:35 PM - edited ‎03-11-2019 03:57 PM

Hi,

How do get the ASA to log access denied events to the ASDM and syslog server?  I have another ASA which will log any attempts made that have no access as error and then I pick them up on the syslog server, but can't get this other ASA to do this, any ideas?

The ASDM never seems to syslog ID 106023 as error.

Thanks

Labels:
0 Helpful
6 Replies 6

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-24-2012 04:13 PM

Per the log message reference that message should be logged at severity 4, warning.

Assuming your have ASDM logging set to level 4 (or greater) - e.g. "logging asdm 4" - and haven't addded a "no log message 106023" or similar command, that message should be logged to ASDM.

0 Helpful

Andy White
Level 3
Level 3
In response to Marvin Rhoads

‎04-25-2012 12:32 AM

This is what I have:

logging enable

logging timestamp

logging standby

logging buffer-size 200000

logging console errors

logging monitor errors

logging buffered critical

logging trap errors

logging asdm errors

logging facility 16

logging device-id hostname

logging host inside 192.168.2.129

no logging message 106015

no logging message 313001

no logging message 313008

no logging message 106023

no logging message 710003

no logging message 106100

no logging message 302015

no logging message 302014

no logging message 302013

no logging message 302018

no logging message 302017

no logging message 302016

no logging message 302021

no logging message 302020

logging message 315011 level alerts

logging message 713167 level critical

logging message 106010 level warnings

logging message 106006 level errors

logging message 713121 level errors

logging message 713120 level errors

logging message 713124 level errors

logging message 725001 level warnings

logging message 725002 level warnings

logging message 725003 level warnings

logging message 713135 level errors

logging message 606002 level critical

logging message 606001 level critical

logging message 106023 level errors

logging message 106021 level warnings

logging message 713119 level critical

logging message 713066 level errors

logging message 113019 level critical

logging message 113009 level critical

logging message 113008 level critical

logging message 710003 level alerts

logging message 113015 level alerts

logging message 113005 level critical

logging message 113004 level critical

logging message 713050 level errors

logging message 611102 level alerts

logging message 605005 level critical

logging message 713052 level errors

logging message 605004 level critical

logging message 111008 level alerts

logging message 716039 level critical

logging message 716038 level critical

logging message 716001 level critical

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to Andy White

‎04-25-2012 12:40 AM

Hi,

Seems you do have the "no"  command for that syslog message ID.

Marked BOLD RED

logging enable

logging timestamp

logging standby

logging buffer-size 200000

logging console errors

logging monitor errors

logging buffered critical

logging trap errors

logging asdm errors

logging facility 16

logging device-id hostname

logging host inside 192.168.2.129

no logging message 106015

no logging message 313001

no logging message 313008

no logging message 106023

no logging message 710003

no logging message 106100

no logging message 302015

no logging message 302014

no logging message 302013

no logging message 302018

no logging message 302017

no logging message 302016

no logging message 302021

no logging message 302020

logging message 315011 level alerts

logging message 713167 level critical

logging message 106010 level warnings

logging message 106006 level errors

logging message 713121 level errors

logging message 713120 level errors

logging message 713124 level errors

logging message 725001 level warnings

logging message 725002 level warnings

logging message 725003 level warnings

logging message 713135 level errors

logging message 606002 level critical

logging message 606001 level critical

logging message 106023 level errors

logging message 106021 level warnings

logging message 713119 level critical

logging message 713066 level errors

logging message 113019 level critical

logging message 113009 level critical

logging message 113008 level critical

logging message 710003 level alerts

logging message 113015 level alerts

logging message 113005 level critical

logging message 113004 level critical

logging message 713050 level errors

logging message 611102 level alerts

logging message 605005 level critical

logging message 713052 level errors

logging message 605004 level critical

logging message 111008 level alerts

logging message 716039 level critical

logging message 716038 level critical

logging message 716001 level critical

- Jouni

0 Helpful

Andy White
Level 3
Level 3
In response to Jouni Forss

‎04-25-2012 12:54 AM

Wow I'm stupid, I just couldn't see it.

Thanks guys

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Andy White

‎04-25-2012 04:17 AM

You're welcome. Please mark your question as answered and rate the posts if they helped.

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to Jouni Forss

‎04-25-2012 12:55 AM

Also,

I think you need to change the "logging" configurations

logging trap errors

logging asdm errors

to "notifications" atleast

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card