What level of logging on the ASA will enable the syslog to see when a firewall rule has been changed? I know debugging on the config level should be able to, but I don't want to put my firewall through that level of logging for everything.
You can also change the level of a particular Syslog ID without changing the global level configured for a certain destination.
Let's say you wanted to change the above Debugging level message to the Notifications level; you would configure
logging message 111009 level notifications
I am not completely sure whether you would also need to add these to specify how many of such log messages could be generated and in what timeframe, though there is an option for "unlimited" also.
logging rate-limit
logging rate-limit message 111008
logging rate-limit message 111010
- Jouni
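Once message IDs 111008 and 111010 reach the syslog server, the receiving side can filter them down to the commands that actually touch access rules. The following is an added example, not part of the original thread: the message layouts, the constructed sample lines and the choice of `access-list`/`access-group` as the "rule change" commands are assumptions, and `rule_changes` is a hypothetical helper name.

```python
import re

# Constructed sample lines. The message layouts are assumed from the commonly
# documented text of ASA syslog IDs 111008, 111009 and 111010.
SAMPLE = """\
Mar 03 2024 10:14:20: %ASA-5-111008: User 'admin' executed the 'logging message 111009 level notifications' command.
Mar 03 2024 10:15:02: %ASA-5-111008: User 'admin' executed the 'access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq 443' command.
Mar 03 2024 10:15:02: %ASA-5-111010: User 'admin', running 'CLI' from IP 198.51.100.7, executed 'access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq 443'
Mar 03 2024 10:16:40: %ASA-5-111009: User 'admin' executed cmd: show running-config access-list
Mar 03 2024 10:17:11: %ASA-5-111008: User 'admin' executed the 'no access-list OUTSIDE_IN extended deny ip any any' command.
Mar 03 2024 10:19:30: %ASA-6-302013: Built inbound TCP connection 4521 for outside:203.0.113.5/51000 to inside:192.0.2.10/443
"""

# %ASA-<severity>-<message id>: <body>
HEADER = re.compile(r"%ASA-(?P<sev>\d)-(?P<id>\d{6}): (?P<body>.*)$")

# Only the two IDs that record executed configuration commands are parsed.
BODY = {
    "111008": re.compile(r"User '(?P<user>[^']*)' executed the '(?P<cmd>.*)' command\.?$"),
    "111010": re.compile(
        r"User '(?P<user>[^']*)', running '[^']*' from IP (?P<src>\S+), executed '(?P<cmd>.*)'$"
    ),
}

# Assumption: a "firewall rule change" is any command that edits an ACL
# or binds/unbinds one to an interface.
RULE_CMD = re.compile(r"^(?:no |clear configure )?(?:access-list|access-group)\b")


def rule_changes(text):
    """Return one dict per logged command that edits an ACL or its binding."""
    hits = []
    for line in text.splitlines():
        head = HEADER.search(line)
        if not head or head["id"] not in BODY:
            continue  # 111009 (show commands) and traffic logs are skipped
        m = BODY[head["id"]].match(head["body"].strip())
        if m and RULE_CMD.match(m["cmd"]):
            hits.append({"id": head["id"], "severity": int(head["sev"]),
                         "user": m["user"], "src": m.groupdict().get("src"),
                         "cmd": m["cmd"]})
    return hits


if __name__ == "__main__":
    for hit in rule_changes(SAMPLE):
        print(hit)
```

Because 111008 and 111010 can both be emitted for the same command, deduplicate on user, command and timestamp before alerting.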