Why ASA log view is empty

franklaszlo · ‎10-12-2019

I am not very experienced with ASA and always wondered why I can't see any log event in log viewer when I click the show log in ASDM on an access rule having debug level logging enabled, tons of hits and log interval is also set for 10 seconds. What am I missing here ?

ASD logging level is also set to debugging:

Rob Ingram · ‎10-12-2019

Hi,
Is logging actually enabled? The command from the CLI to to confirm it's enabled by running "show logging" and the command to enable is "logging enable"

HTH

franklaszlo · ‎10-13-2019

Hello,

thanks for picking this up, yes it is enabled:

Further to that, this is the rule in question :

I can't comprehend why the log viewer is not showing anything, but it already drives me crazy...

Marvin Rhoads · ‎10-13-2019

Your ASDM logging is set to "warning" (level 4).

When you have the log keyword on an ACL entry (as you show in your example) the default level assigned is "informational" (level 6).

https://www.cisco.com/c/en/us/td/docs/security/asa/asa913/configuration/firewall/asa-913-firewall-config/access-acls.html#ID-2069-00000206

franklaszlo · ‎10-13-2019

Thank you @Marvin Rhoads , you're totally correct, however, the time I was checking the log viewer it was set to Debugging, I only set it back to Warning to spare resources to the small guy.

So the logging setting screenshot is deceiving, sorry for that.