09-12-2012 02:11 AM - edited 03-11-2019 04:53 PM
Hi,
I am having a problem when I try to send the output from a debug command to my syslog server with the logging debug-trace command.
I already have a syslog server getting all the notification level logs from my ASA cluster.
When I enter the command debug fover fail, I can see on the terminal session all the output messages from that command, but when I type debug-trace, the debug messages disappear from the monitor and they aren't redirected to my syslog server. I analyzed the traffic arriving at my syslog server with tcpdump, and the messages from the debug command are not being sent to the syslog server.
I should say I also have a netflow collector active.
I attached the sh run logging output, maybe it can help:
logging enable
logging timestamp
logging standby
logging buffer-size 8096
logging monitor errors
logging buffered warnings
logging trap notifications
logging asdm errors
logging mail alerts
logging from-address xxxxxxx
logging recipient-address xxxxxxx level alerts
logging facility 16
logging host ADAM-MANAG 192.168.50.8
logging debug-trace
logging permit-hostdown
Could someone help me with this?
Thanks in advance
09-12-2012 02:51 AM
What is the ASA version that you are using?
Thanks,
Varun Rao
Security Team,
Cisco TAC
09-12-2012 02:59 AM
Hi Varun,
Sorry, I forgot to mention that the ASA version is 8.3(2).
Thanks,
09-12-2012 06:45 AM
Hi Alejandro,
Use the commands "logging trap debugging" and "logging debug-trace". Since you are using level notifications for sending traps to the syslog server, normal and significant condition logs will be sent; for failover events, we need to send debugging messages to the server. Let me know if it works.
Regards
Gurpreet
09-13-2012 01:17 AM
Hi Gurpreet,
thank you very much for your reply.
When I enter the commands logging trap debugging and logging debug-trace, I can see in my syslog server messages with the tag 711001 coming from the debug fover fail command, but I also get a bunch of other information I don't want (all the debug level messages).
As far as I know, the debug-trace command redirects just the debug output from commands that you specifically enter in order to trace and debug a problem, but this is not the case; in order to make this work I have to enable the debugging trap level.
Is it something I am doing wrong, or did I misunderstand?
Regards,
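The behaviour discussed in this thread, as an added example that is not part of any post: debug output redirected by debug-trace arrives as severity-7 message 711001, so a notifications (5) threshold drops it and a debugging (7) threshold admits every other severity-7 message as well. The sketch models that threshold and a collector-side filter that keeps notifications and above plus 711001 only; the function names, the filter and the sample lines are assumptions constructed for illustration.

```python
import re

# Tag the ASA places in each syslog message: %ASA-<severity>-<message id>:
ASA_TAG = re.compile(r"%ASA-(?P<sev>[0-7])-(?P<msg_id>\d{6}):")

NOTIFICATIONS = 5          # "logging trap notifications" sends severities 0-5
DEBUGGING = 7              # "logging trap debugging" sends severities 0-7
DEBUG_TRACE_ID = "711001"  # tag the thread reports for redirected debug output


def parse(line):
    """Return (severity, message_id) for an ASA syslog line, or None."""
    m = ASA_TAG.search(line)
    return (int(m.group("sev")), m.group("msg_id")) if m else None


def passes_trap_level(line, level):
    """Model of a severity threshold: a lower number is more severe."""
    parsed = parse(line)
    return parsed is not None and parsed[0] <= level


def keep(line, level=NOTIFICATIONS, extra_ids=(DEBUG_TRACE_ID,)):
    """Hypothetical collector-side filter: threshold plus selected ids."""
    parsed = parse(line)
    if parsed is None:
        return False
    sev, msg_id = parsed
    return sev <= level or msg_id in extra_ids


# Constructed sample lines (not captured from a real device).
SAMPLE = [
    "<129>Sep 13 2012 01:17:02: %ASA-1-105004: (Primary) Monitoring on interface outside normal",
    "<133>Sep 13 2012 01:17:03: %ASA-5-111008: User 'enable_15' executed the 'debug fover fail' command.",
    "<135>Sep 13 2012 01:17:04: %ASA-7-711001: constructed failover debug text",
    "<135>Sep 13 2012 01:17:05: %ASA-7-609001: Built local-host inside:10.0.0.5",
    "<134>Sep 13 2012 01:17:06: %ASA-6-302013: Built outbound TCP connection 1 (constructed)",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(passes_trap_level(line, NOTIFICATIONS),
              passes_trap_level(line, DEBUGGING), keep(line), line[:60])
```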