cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3129
Views
0
Helpful
2
Replies

ASA logs are not reaching syslog server

eraser34987
Level 1
Level 1

Recently we have been experiencing an issue with our ASA's syslog messages not reaching the syslog server. Periodically a message will get through but its fairly random. The ASA and the syslog server do reside on different subnets be it has always been this way and it has worked properly in the past. There have been a few code upgrades to the ASA and the syslog server resides in a VM environment but it recieves logs properly from all other devices. The patches to the ASA were to resolve some VPN bugs we were experiencing. Any ideas on what the issue could be?

2 Replies 2

JORGE RODRIGUEZ
Level 10
Level 10

Hi,

Personally I have run into syslog messaging  issues in the past and have been related to bugs ,you may want to try looking at the code you have upgraded to and rule out bugs pertaining to syslog messaging . Look into your code opened Caveats  in the link bellow .  If you have  dounble check your firewall configuration after the upgrade for syslogs to be ok and have other firewalls sending logs ok to the server , it could very well be a bug related issue.

http://www.cisco.com/en/US/partner/products/ps6120/prod_release_notes_list.html

You can also check in bug data base for your code -

http://tools.cisco.com/Support/BugToolKit/action.do?hdnAction=searchBugs

Regards

Jorge Rodriguez

Luis Silva Benavides
Cisco Employee
Cisco Employee

Hi Dustin,

We will need to determine if the syslog messages are actually leaving the ASA interface, you can do this with a capture on the interface were the server is located. Also will be a good idea to test basic connectivity between the FW and the syslog server.

Luis

Luis Silva
Review Cisco Networking for a $25 gift card