Knowledge Base

Design & Configure

Cisco ASA: Logging

Technology: Network Security
Area: Firewalls
Vendor: Cisco
Software: 8.X, 9.X
Platform: Cisco ASA

Logging on ASA is configured separately on each output. For each output severity needs to be defined. This is worth to remember that the logging severity defined for particular output takes the logs of this configured severity and all more specific. So when you define the severity 6 – informational logs for console, the 6 logs, 5, 4, 3, 2, 1 and 0 will be send to console. If you specify 3 – errors logs, the 3, 2, 1 and 0 will be sent.

To enable logging on ASA:

ASA(config)#logging on

Debug logs from console:

ASA(config)#logging console debugging

Informational (6) logs to asdm:

ASA(config)#logging asdm informational

Informational (6) logs to VTY lines:

ASA(config)#logging monitor informational

Debug (7) logs to syslog server and syslog server definition:

ASA(config)#logging trap debugging

ASA(config)#logging host inside


Author: Marcin Bialy