Filter
Top Products
17-2
Cisco ASDM User Guide
OL-16647-01
Chapter 17 Configuring Logging
Using Logging
Using Logging
After you have defined the security context, choose Configuration > Device Management > Logging.
Under Logging, you can do the following:
• In the Logging Setup pane, enable logging and configure the logging parameters. For more
information, see Logging Setup, page 17-2.
• In the Syslog Setup pane, set the facility code to be included in syslog messages that are sent to
syslog servers, specify that a timestamp is included in each message, view the severity levels for
messages, modify the severity level for messages, and disable messages. For more information, see
Syslog Setup, page 17-4.
• In the E-Mail Setup pane, specify syslog messages to be sent by e-mail for notification purposes.
For more information, see Syslog Setup, page 17-4.
• In the Event Lists pane, create custom lists of events that specify which messages should be logged;
these lists are then used when you set up log filters. For more information, see Event Lists,
page 17-8.
• In the Logging Filters pane, specify the criteria that should be used to filter the messages sent to
each log destination. The criteria you use for creating filters are severity level, message class,
message ID, or events lists. For more information, see Logging Filters, page 17-10.
• In the Rate Limit pane, limit the number of messages that can be generated in a specified time
interval. For more information, see Rate Limit, page 17-14.
• In the Syslog Server pane, specify one or more syslog servers to which the security appliance sends
syslog messages. For more information, see Syslog Servers, page 17-16.
• In the SMTP pane, specify one or more SMTP servers to which the ASDM sends e-mail alerts and
notification messages. For more information, see SMTP, page 17-18.
• In the NetFlow pane, export the information about the progression of a flow of packets. For more
information, see Using NetFlow, page 17-18.
Logging Setup
The Logging Setup pane lets you enable system logging on the security appliance and lets you specify
general logging parameters, including whether standby units can take over logging, whether to send
debug messages, and whether to use the EMBLEM format. This pane also lets you change default
settings for the internal log buffer and the security appliance logging queue. To access this pane, choose
Configuration > Device Management > Logging > Logging Setup.
To configure logging, perform the following steps:
Step 1 Check the Enable logging check box to turn on logging for the main security appliance.
Step 2 Check the Enable logging on the failover standby unit check box to turn on logging for the standby
security appliance, if available.
Step 3 Check the Send debug messages as syslogs check box to redirects all debug trace output to system logs.
The syslog message does not appear on the console if this option is enabled. Therefore, to view debug
messages, you must have logging enabled at the console and have it configured as the destination for the
debug syslog message number and severity level. The syslog message number to use is 711001. The
default severity level for this syslog message is debug.