1. Home
  2. Cisco Systems
  3. logging level on asa

logging level on asa

Hi,

We've configured a syslog server where our ASA 5510 can log to. A trap is configured like"logging trap errors".

However, our syslog server gets flooded with messages as shown below :

%ASA-2-106001: Inbound TCP connection denied from x.x.x.x/3630 to

213.207.99.248/445 flags SYN on interface outside (Message repeated 2 times) %ASA-2-106001: Inbound TCP connection denied from x.x.x.x/2671 to 213.207.99.248/445 flags SYN on interface outside %ASA-2-106001: Inbound TCP connection denied from x.x.x.x/6822 to 213.207.99.248/445 flags SYN on interface outside

As we had a pix before, the logging level was configured at logging trap notifications but it seems that the asa uses different levels for some log entries ?

I just can't imagine the only reasonably logging level is "error".

Any comments on this ?

GR

Sebastian

Reply to
Sebas
Loading thread data ...

I haven't had a chance to work with ASA, so I don't know why that is happening. Sounds like a bug to me.

The PIX and ASA command languages are the same, so I suggest that you experiment with changing the logging level on individual messages. In PIX 6.2/6.3, that would be via "logging message 106001 level 4" (or something similar)

Is it possible that somehow all the messages got changed from their default logging level to level 2?

Reply to
Walter Roberson

Hi Walter,

That command was just what i needed to know. I see i made a mistake in my case description, the level configured was warning and not error.

I've moved 2 entries : logging message 106001 level 5 logging message 106023 level 5

Now we have what we want.

Many thanks !

Sebastian

Reply to
Sebas

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.