Filter
Top Products
17-8
Cisco ASDM User Guide
OL-16647-01
Chapter 17 Configuring Logging
Event Lists
Add/Edit E-Mail Recipients
The Add/Edit E-Mail Recipient dialog box lets you set up a destination e-mail address for a specified
severity of syslog messages to be sent as e-mail messages.
The severity level used to filter messages for the destination e-mail address is the higher of the severity
level specified in this dialog box and the global filter set for all e-mail recipients in the Logging Filters
pane.
To add or edit e-mail recipients and severity levels, see Syslog Setup, page 17-4.
Modes
The following table shows the modes in which this feature is available:
Event Lists
The Event Lists pane lets you create custom lists of events that are used to choose which syslog messages
are sent to a specific destination. After you enable logging and configure the logging parameters using
the Logging Setup pane, create one or more lists of events in the Event Lists pane. Use these event lists
in the Logging Filters pane to specify a logging destination for each list of events. To access this pane,
choose Configuration > Device Management > Logging > Event Lists.
You use three criteria to define an event list:
• Message Class
• Severity
• Message ID
A message class is a group of syslog messages related to a security appliance feature that enables you to
specify an entire class of messages rather than specifying a class for each message individually. For
example, use the auth class to select all syslog messages that are related to user authentication.
Severity level classifies syslog messages based on the relative importance of the event in the normal
functioning of the network. The highest severity level is emergency, which means the resource is no
longer available. The lowest severity level is debugging, which provides detailed information about
every network event.
The message ID is a numeric value that uniquely identifies each message. You can use the message ID
in an event list to identify a range of syslog messages, such as 101001-1990120.
To create custom lists of events to send to a specific logging destination, perform the following steps:
Step 1 Click Add to display the Add Event List dialog box.
Step 2 In the Name field, enter the name of the event list. No spaces are allowed.
Step 3 In the Event Class/Severity area, click Add to display the Add Class and Severity Filter dialog box.
Step 4 Choose the event class from the drop-down list. Available event classes include the following:
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• • • •—