Enabling secure logging – Cisco ASA 5505 User Manual

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 77 Configuring Logging

Sending All Syslog Messages in a Class to a Specified Output Destination

To send all syslog messages in a class to a specified output destination, enter the following command:

Command:
logging class message_class {buffered | console | history | mail | monitor | trap} [severity_level]

Example:
hostname(config)# logging class ha buffered alerts

Purpose:
Overrides the configuration in the specified output destination command. For example, if you specify that messages at severity level 7 should go to the internal log buffer and that ha class messages at severity level 3 should go to the internal log buffer, then the latter configuration takes precedence. The buffered, history, mail, monitor, and trap keywords specify the output destination to which syslog messages in this class should be sent. The history keyword enables SNMP logging. The monitor keyword enables Telnet and SSH logging. The trap keyword enables syslog server logging. Select one destination per command line entry. To specify that a class should go to more than one destination, enter a new command for each output destination.

Enabling Secure Logging

To enable secure logging, enter the following command:

Command:
logging host interface_name syslog_ip [tcp/port | udp/port] [format emblem] [secure]

Example:
hostname(config)# logging host inside 10.0.0.1 TCP/1500 secure

Purpose:
Enables secure logging.

The interface_name argument specifies the interface on which the syslog server resides. The syslog_ip argument specifies the IP address of the syslog server. The port argument specifies the port (TCP or UDP) that the syslog server listens to for syslog messages. The tcp keyword specifies that the ASA should use TCP to send syslog messages to the syslog server. The udp keyword specifies that the ASA should use UDP to send syslog messages to the syslog server. The format emblem keyword enables EMBLEM format logging for the syslog server. The secure keyword specifies that the connection to the remote logging host should use SSL/TLS for TCP only.

Note: Secure logging does not support UDP; an error occurs if you try to use this protocol.
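The following is an added example, not part of the Cisco guide: a small Python audit that reads a saved configuration or template and reports which logging host entries use TLS, which send syslog in cleartext, and which combine secure with UDP. The function name, the sample configuration and the verdict strings are constructed for illustration; it assumes that an entry with no tcp/udp keyword uses the ASA default of UDP, and that saved configurations may show the protocol as its number (6 or 17).

```python
import re

# Syntax from the page:
#   logging host interface_name syslog_ip [tcp/port | udp/port] [format emblem] [secure]
# Assumption: saved configs may show the protocol as its number (6 = TCP, 17 = UDP).
LINE_RE = re.compile(
    r"^\s*logging host (?P<ifc>\S+) (?P<ip>\S+)"
    r"(?: (?P<proto>tcp|udp|6|17)/(?P<port>\d+))?"
    r"(?P<emblem> format emblem)?"
    r"(?P<secure> secure)?\s*$",
    re.IGNORECASE,
)

def audit_logging_hosts(config_text):
    """Return (interface, ip, verdict) for every 'logging host' line."""
    findings = []
    for line in config_text.splitlines():
        if not line.strip().lower().startswith("logging host "):
            continue
        m = LINE_RE.match(line)
        if not m:
            findings.append(("?", "?", "unparsed: " + line.strip()))
            continue
        # Assumption: no transport keyword means the ASA default, UDP.
        proto = (m.group("proto") or "udp").lower()
        is_tcp = proto in ("tcp", "6")
        secure = m.group("secure") is not None
        if secure and not is_tcp:
            verdict = "invalid: secure requires TCP"
        elif secure:
            verdict = "ok: TLS over TCP/" + m.group("port")
        elif is_tcp:
            verdict = "cleartext: TCP without secure"
        else:
            verdict = "cleartext: UDP"
        findings.append((m.group("ifc"), m.group("ip"), verdict))
    return findings

# Constructed sample configuration; addresses are examples, not from a real device.
SAMPLE = """\
logging enable
logging host inside 10.0.0.1 TCP/1500 secure
logging host inside 10.0.0.2 tcp/1470
logging host dmz 10.0.0.3
logging host dmz 10.0.0.4 udp/514 format emblem
logging host inside 10.0.0.5 udp/514 secure
"""

if __name__ == "__main__":
    for ifc, ip, verdict in audit_logging_hosts(SAMPLE):
        print(f"{ifc:8} {ip:12} {verdict}")
```

The last sample line is the combination the note above says the ASA rejects, so it would only show up in a template or change request that has not yet been applied.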
