05-08-2009 11:50 AM - edited 03-11-2019 08:29 AM
I want my ASA 5540 having OS 7.x to log only telnet and console login informations to my external kiwi syslog software
I have typed
logging host inside 10.1.1.1
and then I have set the logging trap to informational
I only want line vty and console logins to be sent to syslog server
05-08-2009 12:50 PM
Here's a list of logging messages:
http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logsevp.html#wpxref25608
Find the message numbers that you want to log. Then, what you'll need to do is set up the types of messages that you want to log:
Create a logging list:
logging list SYSLOG level errors
Then add the messages that you want to log in addition to errors and below:
logging list SYSLOG message 211001
logging list SYSLOG message 106001-106007
Then apply:
logging monitor SYSLOG
logging trap SYSLOG
HTH,
John
05-08-2009 02:08 PM
That's cool John, never knew you could do that.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide