Logging

The appliance generates log messages to document such events as denied TCP connections,

translation slot depletion in the xlate table, console logins, and bytes transferred

for each connection in the conn table. The appliances can log to the following destinations:

the console, an internal buffer, an SNMP management station via SNMP traps,

e-mail messages, and an external syslog server. The default is to log information to the

console; however, Cisco highly recommends in a production network that you either log

to the internal buffer of the appliance or to an external syslog server.

Logging Configuration

Configuring and controlling logging is done with the following commands:

ciscoasa(config)# logging enable

ciscoasa(config)# logging buffered severity_level

ciscoasa(config)# logging console severity_level

ciscoasa(config)# logging monitor severity_level

ciscoasa(config)# [no] logging message message_ID

ciscoasa(config)# logging host [(logical_if_name)]

syslog_IP_address [tcp|udp[/port_#]]

ciscoasa(config)# logging facility facility_number

ciscoasa(config)# logging standby

ciscoasa(config)# logging device-id {hostname | ipaddress IP_address |

string text}

ciscoasa(config)# logging timestamp

ciscoasa(config)# logging trap severity_level

TIP To disable logging for a particular location, preface it with the no parameter; for example, to

disable logging to the appliance internal buffer, use no logging buffered.

Logging Verification

The show logging command displays the configuration of logging on your appliance:

asa1(config)# show logging

Logging Configuration Example

Here’s a simple example that will log messages from level 1 to 5 to the syslog server

shown previously in Dhcp Relay server configuration Figure :-

ciscoasa(config)# logging enable

ciscoasa(config)# logging host (campus) 192.168.1.4

ciscoasa(config)# logging device-id hostname

ciscoasa(config)# logging timestamp

ciscoasa(config)# logging trap 5