cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1551
Views
21
Helpful
4
Replies

Which of these logging, debug commands might crash a device?

Hi.

I have known of the theoretical danger of crashing a device by executing logging commands, now I have experience with it as one of these commands (maybe "show logging" and or "terminal monitor") forced an ASA 5525 HA failover.

Regarding the below commands, may you please inform me...

1. Which of these commands are unsafe to use?
2. Are there particularly dangerous combinations of these commands?

logging on
logging console
logging monitor
logging buffered
logging trap
logging 10.1.2.3
terminal monitor
terminal length 0
debug
show logging
show debug

Thank you!

2 Accepted Solutions

Accepted Solutions

any command run in CPU can cause issue,
there is not simple answer but there is some point can help you 
check CPU before run debug/logging 
use ACL in debug <<- select specific host
use specific Logging level not all levels 7

Important Information on Debug Commands - Cisco

 

View solution in original post

Peter Koltl
Level 7
Level 7

none of them risks a crash

avoid logging console , restrict it to

logging console critical

View solution in original post

4 Replies 4

Enabling debgs on the devices should always be taken with care as it would impact the device performance, and sometimes it might render the devide unusable. Another command on the list which I believe should be taken with care is the "logging console". Sending the logs to the console session is not recommended as it might overwhelm the console session with too many logs up to the point of not being able to interact with it.

Leo Laohoo
Hall of Fame
Hall of Fame

Depends on the firmware and the uptime.  

"sh tech" are known to crash any appliances until now.  

Even executing show commands with a "pipe" can crash anything that runs on IOS-XE (CSCvo06817).

any command run in CPU can cause issue,
there is not simple answer but there is some point can help you 
check CPU before run debug/logging 
use ACL in debug <<- select specific host
use specific Logging level not all levels 7

Important Information on Debug Commands - Cisco

 

Peter Koltl
Level 7
Level 7

none of them risks a crash

avoid logging console , restrict it to

logging console critical