Meaningful syslog facility/severity settings ASA 5500 (os 8.4)

Hi all,

I am struggling with an event log analyzer software (Manage Engine Event Log Analyzer) in order to produce meaningful custom reports and avoid collecting too much data from a couple of ASA 5500, which wouldn't be processed due to the software's inability to scale up.

I would like to keep track of events pertaining to threat detection (both basic and advanced) and, among other things, an excessive burst rate of denied connections. I am familiar with the severity levels in Linux-like systems and the facilities, but it's not clear to me how these are matched in Cisco OS (severity and event classes?). What would be a good start in setting up the syslog and its filters in order to collect useful data without being overwhelmed by information?

Thanks in advance for your support.

Cheers.


Kanwaljeet Singh
Cisco Employee

Hi Costantino,

Are you looking for this information?

 Alert Messages, Severity 1
 Critical Messages, Severity 2
 Error Messages, Severity 3
 Warning Messages, Severity 4
 Notification Messages, Severity 5
 Informational Messages, Severity 6
 Debugging Messages, Severity 7
 

You would also be interested in the below link:

http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logsevp.html

Regards,

Kanwal

Note: Please mark answers if they are helpful.
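
Added example, not part of the original thread and not Cisco or ManageEngine code: a collector-side filter that reads the `%ASA-<level>-<message id>` tag, decodes the standard syslog `<PRI>` value (facility * 8 + severity) so the Linux-style facility/severity can be compared with the ASA level, and keeps only messages at or above a chosen severity. The sample lines and their message text are constructed, and the PRI values assume the ASA default logging facility of 20 (local4).

```python
import re
from collections import Counter

# Severity names as listed in the reply above (ASA levels 1-7).
SEVERITY = {1: "alert", 2: "critical", 3: "error", 4: "warning",
            5: "notification", 6: "informational", 7: "debugging"}

# Optional <PRI> prefix, then the ASA tag: %ASA-<level>-<6-digit message id>:
LINE_RE = re.compile(r"^(?:<(?P<pri>\d{1,3})>)?.*?"
                     r"%ASA-(?P<sev>[0-7])-(?P<msg_id>\d{6}): (?P<text>.*)$")

def parse(line):
    """Return a record for an ASA syslog line, or None if it has no %ASA tag."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = {"severity": int(m["sev"]), "msg_id": m["msg_id"], "text": m["text"],
           "facility": None, "pri_matches_tag": None}
    if m["pri"] is not None:
        # Standard syslog encoding: PRI = facility * 8 + severity
        facility, pri_sev = divmod(int(m["pri"]), 8)
        rec["facility"] = facility
        # False here means a relay rewrote the priority on the way in.
        rec["pri_matches_tag"] = (pri_sev == rec["severity"])
    return rec

def keep(lines, max_level=4):
    """Keep records at max_level or more severe (lower number = more severe)."""
    recs = (parse(line) for line in lines)
    return [r for r in recs if r and r["severity"] <= max_level]

def count_by_id(records):
    """Count kept messages per message id, to spot the noisiest sources."""
    return Counter(r["msg_id"] for r in records)

# Constructed sample input (message text is a placeholder, not real ASA output).
SAMPLE = [
    "<164>Jan 01 2024 10:00:00: %ASA-4-733100: constructed text",
    "<166>Jan 01 2024 10:00:01: %ASA-6-302013: constructed text",
    "<164>Jan 01 2024 10:00:02: %ASA-4-106023: constructed text",
    "<164>Jan 01 2024 10:00:03: %ASA-4-106023: constructed text",
    "<165>Jan 01 2024 10:00:04: %ASA-5-111008: constructed text",
    "Jan 01 2024 10:00:05: %ASA-2-106001: constructed text",
    "not an ASA line",
]

if __name__ == "__main__":
    for rec in keep(SAMPLE, max_level=4):
        print(rec["msg_id"], SEVERITY[rec["severity"]], rec["facility"])
    print(count_by_id(keep(SAMPLE, max_level=4)))
```
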
