Filter
Top Products
CHAPTER
76-1
Cisco ASA 5500 Series Configuration Guide using ASDM
76
Configuring Logging
This chapter describes how to configure and manage logs for the ASA and includes the following
sections:
• Information About Logging, page 76-1
• Licensing Requirements for Logging, page 76-5
• Prerequisites for Logging, page 76-5
• Guidelines and Limitations, page 76-6
• Configuring Logging, page 76-6
• Monitoring the Logs, page 76-23
• Feature History for Logging, page 76-27
Information About Logging
System logging is a method of collecting messages from devices to a server running a syslog daemon.
Logging to a central syslog server helps in aggregation of logs and alerts. Cisco devices can send their
log messages to a UNIX-style syslog service. A syslog service accepts messages and stores them in files,
or prints them according to a simple configuration file. This form of logging provides protected
long-term storage for logs. Logs are useful both in routine troubleshooting and in incident handling.
The ASA system logs provide you with information for monitoring and troubleshooting the ASA. With
the logging feature, you can do the following:
• Specify which syslog messages should be logged.
• Disable or change the severity level of a syslog message.
• Specify one or more locations where syslog messages should be sent, including an internal buffer,
one or more syslog servers, ASDM, an SNMP management station, specified e-mail addresses, or
to Telnet and SSH sessions.
• Configure and manage syslog messages in groups, such as by severity level or class of message.
• Specify whether or not a rate-limit is applied to syslog generation.
• Specify what happens to the contents of the internal log buffer when it becomes full: overwrite the
buffer, send the buffer contents to an FTP server, or save the contents to internal flash memory.
• Filter syslog messages by locations, severity level, class, or a custom message list.