ASA5510 logging
clamz
Member Posts: 28 ■□□□□□□□□□
Hello,
I'm experiencing overloads of information when I do a #terminal monitor on my ASA5510. I'm trying to troubleshoot an issue with a L2L tunnel and it isn't possible with this amount of information being flooded on screen. I can't even do a #terminal no monitor on screen, the only way to end the logging outputs is to disconnect ssh session and reconnect.
I know you can setup logging alerts from 1-7 to trim down the output on a 3750 switch. Can anybody steer me in the right direction with how to do this on a 5510?
Thanks
I'm experiencing overloads of information when I do a #terminal monitor on my ASA5510. I'm trying to troubleshoot an issue with a L2L tunnel and it isn't possible with this amount of information being flooded on screen. I can't even do a #terminal no monitor on screen, the only way to end the logging outputs is to disconnect ssh session and reconnect.
I know you can setup logging alerts from 1-7 to trim down the output on a 3750 switch. Can anybody steer me in the right direction with how to do this on a 5510?
Thanks
Comments
-
fightclub34
Member Posts: 41 ■■□□□□□□□□
use asdm and do logging through that. You can filter based on different options. I will usually use the ip of the tunnel and see what the heck is happening that way.
-
clamz
Member Posts: 28 ■□□□□□□□□□
Hmmm, Yeah I don't use ASDM launcher that much. Is there a command line work around?
-
shednik
Member Posts: 2,005
Hmmm, Yeah I don't use ASDM launcher that much. Is there a command line work around?
debugs of isakmp and ipsec??
or set the level of the bufferlogging buffered sevlevel
Check out here for some more info...but for something like this don't be afraid of ASDM it can be handy at times...
PIX/ASA 7.x and later with Syslog Configuration Example - Cisco Systems -
Ahriakin
Member Posts: 1,799 ■■■■■■■■□□
You set logging levels 1-7 the same way on the ASA (though there are multiple levels of debug if you really want to dig down).
If your traffic load is too high then either use the buffer and "show logging | i xxxxxx", the ASDM as suggested or better still pipe it to an external quick-response syslog viewer like Splunk. If you have a lot of VPNs running a log server is really your only choice.
The closest you can get on the CLI is to disable specific messages by their ID, but of course that requires knowing the messages you want to get rid of.We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place? -
clamz
Member Posts: 28 ■□□□□□□□□□
Thanks for the responses guys,
Ahriakin, since I have several L2L tunnels running I think I'll try the buffer at first.debugs of isakmp and ipsec??
or set the level of the bufferlogging buffered sevlevel
Check out here for some more info...but for something like this don't be afraid of ASDM it can be handy at times...
PIX/ASA 7.x and later with Syslog Configuration Example - Cisco Systems
Thanks for the PDF, I think I'll download kiwi syslog and try this out.