• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1358
  • Last Modified:

ASA 5510 - SysLog Server Logging Filter

Hello,

I have two ASA 5510 firewalls which run in a failover setup. Today I added through ADSM a SYSlog server they both should write to.

If I check now under Configuration, Device Management, Logging Filters then for SysLog Servers the severity is being set to debugging. (Sorry ADSM is all I know). So with severity level I assume that pretty much everything is being written to the Syslog servers.
Performance and disk space wise this should not be a problem for the Syslog server but my question is that the recommended level? I mean does that even make sense to log so much data or  should I change the level to something else? The only time I would probebly look into the data is when there was for example a problem at night but in the morning it is not reproducable. For example - on of the firewalls has a hickup.

Thank you
Marcus
12-16-2009-3-01-39-PM.png
0
Mc2102
Asked:
Mc2102
1 Solution
 
neuromancerxyzCommented:
1. Performance and disk space wise this should not be a problem for the Syslog server but my question is that the recommended level?
>> Well Yes/No
Yes if you are really looking for all logs when you have problem as you said for night. But there will too much for you to filter.
No: This is which i can recommend user "Alert" which will give u info that u require to log.

I mean does that even make sense to log so much data or  should I change the level to something else?
Change the level as per your requirement. I prefer "ALERT"

Hope this helps
0
 
Mc2102Author Commented:
Hello Neuromancerxyz,

That is actullay exactly the kind of information I was looking for.

Thank you
Marcus
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now