ASA5510 logging

Hello,

I'm experiencing overloads of information when I do a #terminal monitor on my ASA5510. I'm trying to troubleshoot an issue with a L2L tunnel and it isn't possible with this amount of information being flooded on screen. I can't even do a #terminal no monitor on screen, the only way to end the logging outputs is to disconnect ssh session and reconnect.

I know you can setup logging alerts from 1-7 to trim down the output on a 3750 switch. Can anybody steer me in the right direction with how to do this on a 5510?

Thanks

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

fightclub34

use asdm and do logging through that. You can filter based on different options. I will usually use the ip of the tunnel and see what the heck is happening that way.

clamz

Hmmm, Yeah I don't use ASDM launcher that much. Is there a command line work around?

shednik

clamz wrote: »

Hmmm, Yeah I don't use ASDM launcher that much. Is there a command line work around?

debugs of isakmp and ipsec??

or set the level of the buffer

logging buffered sevlevel

Check out here for some more info...but for something like this don't be afraid of ASDM it can be handy at times...

PIX/ASA 7.x and later with Syslog Configuration Example - Cisco Systems

Ahriakin

You set logging levels 1-7 the same way on the ASA (though there are multiple levels of debug if you really want to dig down).
If your traffic load is too high then either use the buffer and "show logging | i xxxxxx", the ASDM as suggested or better still pipe it to an external quick-response syslog viewer like Splunk. If you have a lot of VPNs running a log server is really your only choice.
The closest you can get on the CLI is to disable specific messages by their ID, but of course that requires knowing the messages you want to get rid of.

clamz

Thanks for the responses guys,

Ahriakin, since I have several L2L tunnels running I think I'll try the buffer at first.

shednik wrote: »
debugs of isakmp and ipsec??

or set the level of the buffer
logging buffered sevlevel
Check out here for some more info...but for something like this don't be afraid of ASDM it can be handy at times...

PIX/ASA 7.x and later with Syslog Configuration Example - Cisco Systems

Thanks for the PDF, I think I'll download kiwi syslog and try this out.