Re: ASA log

itdsmartnet · ‎11-26-2008

hi, i have configured syslog server and it is working fine, i want only specific logs on my syslog server i.e vpn user login time and logout time only. don't want any thing else. How can i configure it.

Thanks

John Blakley · ‎11-26-2008

You'll find the message in your syslog like:

Nov 26 2008 05:03:49 Athena : %ASA-6-302015: Built outbound UDP connection 376604 for outside.....

The %ASA-6-302015 is the message number. In config mode type:

no logging message 302015

You have to do this for every message you don't want to log.

HTH,

John

HTH, John *** Please rate all useful posts ***

itdsmartnet · ‎11-26-2008

hi,

i only want vpn messages to be log. no other messages to be logged on syslog server.

Is there any way to log only specific messages and the rest of messages will not be logged.

John Blakley · ‎11-26-2008

Unfortunately, not that I'm aware of. When you set your logging level, it logs everything from that level down. So if you set the logging level to 5, it logs 1 - 5 messages. You then have to tell it what messages you don't want to log.

HTH,

John

HTH, John *** Please rate all useful posts ***

lowen · ‎11-26-2008

To minimize the number of messages that you have to disable, you can set the log-level to the most restrictive (7/alerts), and promote the messages that you want to see to that level:

logging trap alerts

logging message 302015 level alerts

lowen · ‎11-26-2008

Oops! That would be level "emergencies" instead of "alerts" (numerically, 0 not 7). Also, you might want to look at the "logging list " command; if the classes map well to what you want to see, it may simplify things for you (I've never used it, but it looks like it might fit).