03-01-2012 10:19 AM - edited 03-11-2019 03:37 PM
Hello experts,
I have upgraded my ASA5540 from 8.2(2) to 8.4(2) and I have run into this logging issue.
Previously I was logging the message ID: 713906 and could get this information:
group name, public address, assigned local address, username which identifies all the elements of a tunnel establishment.
As I upgraded to 8.4(2) I have lost this logging capability. I have tried to use different logging message ID alternatives like 722022, 722051 without any luck. I configured the message IDs and they are just not being logged. Here is my config:
logging enable
logging facility 22
logging queue 1024
logging device-id hostname
logging buffered 10000000
logging message 722051 level debugging
logging message 713906 level debugging
logging message 713050 level debugging
logging message 715053 level debugging
logging message 715019 level debugging
logging message 713906 level debugging
logging message 713184 level debugging
logging message 113019 level debugging
logging message 113004 level debugging
logging message 113005 level debugging
logging message 713052 level debugging
logging message 106015 level debugging
logging message 302013 level debugging
logging message 302016 level debugging
logging message 302014 level debugging
logging message 750006 level debugging
logging message 722022 level debugging
logging message 737026 level debugging
I see lots of lines being logged for connection establishment, but not the above logs which I am interested in.
I am interested to have at least username, local IP address, at the time the session is established, all together in one line. I can see many lines for 302013, 302014, 302016 for different connections, but I am more interested in the start of the session.
And please note I am using pure IPsec, both IKEv1 and IKEv2, with Cisco VPN Client as well as Cisco AnyConnect. I am NOT using SSL VPN.
Any help would be appreciated.
Thank you,
Razi
03-01-2012 10:49 AM
Hello Razi,
Are you seeing any debug level logs? What is the level of the logs which you are seeing? Can you give us an output of a 'show logging message 722022'?
Thanks!
03-01-2012 12:59 PM
Yes, I see the debug level logs but nothing for 722022.
tst-vpn(config)# sh logg mess 722022
syslog 722022: default-level informational, current-level debugging (enabled)
Now I found the message IDs 746012 and 734003 could be an acceptable solution, but the problem is that for these two messages to be logged I have to enable "logging buffered debugging". When I enable buffered debug logging, the buffer gets full immediately and I get lots of undesired logs. Is there any other message ID which can work in informational (level 6) and give me the same information as in 746012 or 722022?
Thanks,
Razi
03-02-2012 11:07 AM
Razi,
I'm not sure why you can't see 722022 and 746012 in the debug level logs. However, unless I am mistaken, you should be able to change logs 746012 and 734003 to informational using the same command you are using for those other messages. You might try this:
logging message 746012 informational
logging message 734003 informational
Thanks
Joey
03-02-2012 12:21 PM
Joey,
I CAN see 746012, but only if I have enabled debug logging with "logging buffered debugging".
I did the commands you have mentioned:
logging message 746012 informational
logging message 734003 informational
By doing this I can not see these messages, but if I do "logging buffered debugging" then I can see these messages. If a message is generated in debug level, we can not change it to informational level by the "informational" keyword. This is what I thought and that is what I see after configuration.
Any other thought?
Thanks,
Razi
04-27-2012 09:55 AM
There are multiple issues in this.
1. The logs don't contain all the required information.
2. There are multiple logs with information of interest.
3. The same log appears more than once at the same time.
Filed a bug to resolve the same log appearing twice. The bug ID is: CSCtz01680. The bug is resolved and needs to be incorporated in one of the future releases.
Filed an enhancement request CSCtz01714 to resolve the logging information issue.