Cisco ASA not sending logs to a syslog server

Alex.kushnarev · ‎03-11-2020

Hi team,

for some reason my cisco asa stopped sending logs to the syslog server. i have tried to disable and enable the logging again, removed the syslog server from the ASDM and added again using the logging host command but still nothin, and when i run the sh logging command it doesnt show me the syslog host even thou i can see that it was added to the syslog server in the asdm.

logging conf :

Syslog logging: enabled

Facility: 20

Timestamp logging: enabled

Hide Username logging: disabled

Standby logging: disabled

Debug-trace logging: enabled

Console logging: disabled

Monitor logging: disabled

Buffer logging: disabled

Trap logging: disabled

Permit-hostdown logging: disabled

History logging: disabled

Device ID: disabled

Mail logging: disabled

ASDM logging: level informational, 4637 messages logged

logging queue:

Logging Queue length limit : 512 msg(s)

0 msg(s) discarded due to queue overflow

0 msg(s) discarded due to memory allocation failure

Current 0 msg on queue, 276 msgs most on queue

Any help will be appreciated.

Alex.

balaji.bandi · ‎03-11-2020

Make sure you have Access Rule available on right interface and allowed UDP/TCP 514 port to reach syslog server.

BB

*** Rate All Helpful Responses ***

Alex.kushnarev · ‎03-11-2020

Hi Balaji,

the issue is that the ASA did send logs to the syslog server and stoped doing so after restart(ASAv)

Alex.

Cristian Matei · ‎03-11-2020

Hi,

What is the output of "show run logging"? What is the IP address of your syslog server and how does the ASA route towards it, out which interface?

Regards,

Cristian Matei.

shaun · ‎07-28-2020

I have recently run into the same issue. Syslog entries were not being sent to the remote host until I included the line of config

"logging trap <x>" where <x> is the logging level, ie. warning/notification/emergency