ASA5510 logging

clamzclamz Member Posts: 28 ■□□□□□□□□□
Hello,

I'm experiencing overloads of information when I do a #terminal monitor on my ASA5510. I'm trying to troubleshoot an issue with a L2L tunnel and it isn't possible with this amount of information being flooded on screen. I can't even do a #terminal no monitor on screen, the only way to end the logging outputs is to disconnect ssh session and reconnect.

I know you can setup logging alerts from 1-7 to trim down the output on a 3750 switch. Can anybody steer me in the right direction with how to do this on a 5510?

Thanks

Comments

  • fightclub34fightclub34 Member Posts: 41 ■■□□□□□□□□
    use asdm and do logging through that. You can filter based on different options. I will usually use the ip of the tunnel and see what the heck is happening that way.
  • clamzclamz Member Posts: 28 ■□□□□□□□□□
    Hmmm, Yeah I don't use ASDM launcher that much. Is there a command line work around?
  • shednikshednik Member Posts: 2,005
    clamz wrote: »
    Hmmm, Yeah I don't use ASDM launcher that much. Is there a command line work around?

    debugs of isakmp and ipsec??

    or set the level of the buffer
    logging buffered sevlevel
    

    Check out here for some more info...but for something like this don't be afraid of ASDM it can be handy at times...

    PIX/ASA 7.x and later with Syslog Configuration Example - Cisco Systems
  • AhriakinAhriakin Member Posts: 1,799 ■■■■■■■■□□
    You set logging levels 1-7 the same way on the ASA (though there are multiple levels of debug if you really want to dig down).
    If your traffic load is too high then either use the buffer and "show logging | i xxxxxx", the ASDM as suggested or better still pipe it to an external quick-response syslog viewer like Splunk. If you have a lot of VPNs running a log server is really your only choice.
    The closest you can get on the CLI is to disable specific messages by their ID, but of course that requires knowing the messages you want to get rid of.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
  • clamzclamz Member Posts: 28 ■□□□□□□□□□
    Thanks for the responses guys,

    Ahriakin, since I have several L2L tunnels running I think I'll try the buffer at first.

    shednik wrote: »
    debugs of isakmp and ipsec??

    or set the level of the buffer
    logging buffered sevlevel
    

    Check out here for some more info...but for something like this don't be afraid of ASDM it can be handy at times...

    PIX/ASA 7.x and later with Syslog Configuration Example - Cisco Systems

    Thanks for the PDF, I think I'll download kiwi syslog and try this out.
Sign In or Register to comment.