Solved: ASA 5525 - High Memory Utilization - Page 2

uadmin · ‎04-30-2025

Hello,

Our ASA 5525 (IOS 9.14.4.24) is experiencing high memory utilization.

This is what I see so far:

fw1# show memory
Free memory: 815972661 bytes (18%)
Used memory: 3575802776 bytes (82%)
------------- ------------------
Total memory: 4391775437 bytes (100%)

I checked the log level and found this:

internet-fw1# show logging setting
Syslog logging: enabled
Facility: 20
Timestamp logging: enabled
Timezone: enabled
Hide Username logging: enabled
Standby logging: disabled
Debug-trace logging: disabled
Console logging: disabled
Monitor logging: disabled
Buffer logging: level debugging, 133637032 messages logged
Trap logging: level informational, facility 20, 382838012 messages logged
Logging to net1-c6509 192.168.17.190, UDP TX:163286
Logging to net1-c6509 192.168.17.86, UDP TX:163286
Global TCP syslog stats::
NOT_PUTABLE: 0, ALL_CHANNEL_DOWN: 0
CHANNEL_FLAP_CNT: 0, SYSLOG_PKT_LOSS: 0
PARTIAL_REWRITE_CNT: 0
Permit-hostdown logging: enabled
History logging: disabled
Device ID: disabled
Mail logging: disabled
ASDM logging: level informational, 127714278 messages logged

* I changed the buffer logging to 'alert' level but free memory only improved by 1%.

fw1# show memory detail

Heap Memory:
Free Memory:
Heapcache Pool: 3194256 bytes ( 0% )
Global Shared Pool: 57664448 bytes ( 1% )
Message Layer Pool: 3985264 bytes ( 0% )
System: 482221261 bytes ( 11% )
Used Memory:
Heapcache Pool: 684671600 bytes ( 16% )
Global Shared Pool: 2510613568 bytes ( 57% )
Reserved (Size of DMA Pool): 230686720 bytes ( 5% )
Reserved for messaging: 209040 bytes ( 0% )
MMAP usage: 21370056 bytes ( 0% )
System Overhead: 397159224 bytes ( 9% )
------------------------------------- ----------------
Total Memory: 4391775437 bytes ( 100% )

Any idea how to lower the memory utilization?

I wasn't able to find any bugs related to my IOS version. Furthermore, this ASA model can not go above 9.14.4.24

uadmin · ‎05-02-2025

How do I make it NOT keep it locally???? I want to free up the buffer.

MHM Cisco World · ‎05-02-2025

Log buffer have level 1

External server have level above 1

When you move message then the message will send to server abd not full the buffer.

MHM

uadmin · ‎05-02-2025

"When you move message then the message will send to server abd not full the buffer."

I understand that Sir, but what command do I use to tell the box to send the logs to the syslog only, and stop sending it to the buffer? What is the command please?

uadmin · ‎05-02-2025

Nvm, I think I found it.

no logging buffered

MHM Cisco World · ‎05-02-2025

This will sure not make buffer saving any message.

As I mention before it depend on your requirement' you can move message or not save any messages in buffer.

MHM

uadmin · ‎05-02-2025

I disabled the internal buffer for logging but memory still high, even after clearing the buffer.

Do I need to disable logging for the 'ASDM' as well to free up the memory?

MHM Cisco World · ‎05-02-2025

Yes

MHM

uadmin · ‎05-02-2025

This is what I have right now, how long will it take the memory to clear?

Will I need to reboot the box at all?

MHM Cisco World · ‎05-02-2025

no need reboot, monitor ASA for couple of hours

MHM

uadmin · ‎05-02-2025

Ok, I just got home. Looking at it, a bit concerned, the memory keeps getting depleted.

Anything else I can do? Did I miss anything?

johnlloyd_13 · ‎05-03-2025

hi,

temporarily remove logging and clear log buffer.

no logging enable

clear logging buffer

uadmin · ‎05-03-2025

Firewall won't let me SSH into it anymore, closes my SSH connection.

Going to try this from the GUI.

uadmin · ‎05-03-2025

Looks like I can't connect to it via ASDM or SSH at this point. Going to reboot it and/or failover to the secondary.

marce1000 · ‎05-03-2025

- @uadmin It got out of sufficient resources eventually; you may try the CLI Analyzer again , to check if that was related too and or for demo purposes and discover its functionalities.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

uadmin · ‎05-05-2025

The Cisco CLI Analyzer (v3.7.2) can't seem to connect to the firewall, regardless of what I try. All I see is an empty screen with a blinking cursor.

We had to failover to the secondary firewall yesterday. Now that the primary isn't active, I am looking at it without it processing traffic or creating logs and it is still filling up the memory by about 8% a day.