08-24-2010 06:42 AM - edited 03-11-2019 11:29 AM
Hello.
I'm using any ACL entry to deny DNS request without log keyword.
I'm receiving a lot of 106010 and 106011 messages.
How can I filter these message? I don't wanto to use the no logging message command.
Many thanks for your help.
Regards.
Andrea
08-24-2010 07:48 AM
if you are asking how to not see these messages in your logging, you can move these messages to a higher level of logging so that way you wont see these messages in the logging level you have defined
these messages are level 3 and if you are logging at level 6 you can make these messages appear as level 7, so that you wont see them
here is the link that will help you
http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logconf.html#wp1108252
if you want to send these messages to a different syslog server or want to log it to a different place you can make logging event list
here is a link
please feel free to ask if you have any clarifications
08-24-2010 07:59 AM
Hello jathaval and many thanks for your help.
Because I'm using
logging trap debugging
I'm thinking to create a list that exclude these messages to be send to syslog server.
What do you think about?
Regards.
Andrea
08-24-2010 08:06 AM
I am not sure what you are asking. You like to filter these message once they arrive on the syslog server?
These messages are logged at level 6. You can send these to the syslog server with the logging trap 7 command.
If you want to logg to the buffer and only logg level 5 or 4 to buffer then you will not see these in the buffer logs.
logging trap 7
logging buffer 4
-KS
08-24-2010 08:11 AM
Hello kusankar. I don't want to log these messages to syslog server.
Thanks.
Regards.
Andrea
08-24-2010 08:16 AM
Hmm...without using "no logging message" I can't think of a way.
Like you say, using a log list for a range of syslogs (may be a log list of loglist) and not including these two syslogs might work. Give it a shot.
logging list loglist message xxxxxx-yyyyyy
logging trap loglist
-KS
08-24-2010 11:35 PM
I'm testing this solution
logging list loglist message 101001-106009
logging list loglist message 106012-742010
logging trap loglist
Regards.
Andrea
08-24-2010 08:13 AM
Hello,
Just use the command:
no logging message
Regards,
NT
08-24-2010 08:25 AM
logging list test-list message 100000-106009
logging list test-list message 106011-999999
logging trap test-list
I believe this configuration can send any messages to syslog server but range 106010-106011 are excluded.
08-24-2010 08:34 AM
Yes, that should do it.
May be
logging list loglist 101001-106009
logging list loglist 106012-742010
http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/logmsgs.html
-KS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide