ASA failover debugging to syslog server?

Posted on 2011-04-26
Medium Priority
Last Modified: 2012-06-27

I'm trying to troubleshoot some failover problems with a couple of asa's and it would be nice to be able to send the traces to my syslog server.  Unfortunately, no matter what I do, they only go to the console.

Here's the relevant parts of the config.  What am I doing wrong?

FW1# sho run | incl log
access-list WEBHIS_IN extended permit udp object-group WEBHIS_SERVERS object-group SYSLOG_SERVERS eq syslog
logging enable
logging timestamp
logging list Authorization_Logging level informational class auth
logging list fo_list level debugging class ha
logging buffered debugging
logging trap fo_list
logging asdm informational
logging host inside
logging host inside
logging host inside

But when I

FW1 # debug fover rxip
FW1 # debug fover txip

It all still goes to console, and

$ tail -f /var/log/fw1

on the syslog server just sits there.  (and I am certain that the rsyslog.conf is set up correctly since it works with a general logging trap command.

What to do?



From console:

FW1# debug fover rxip    
fover event trace on
FW1# debug fover rxipfover_ip: fover_ip(): ifc 8 got Fover Msg ->
fover_ip: fover_ip(): ifc 8 got Fover Msg ->
fover_ip: fover_ip(): ifc 8 got Fover Msg ->
tfover_ip: fover_ip(): ifc 1 ->
fover_ip: fover_ip(): ifc 1 got FHELLO
fover_ip: fover_ip(): ifc 8 got Fover Msg ->
fover_ip: fover_ip(): ifc 8 got Fover Msg ->
fover_ip: fover_ip(): ifc 8 got Fover Msg ->
xipfover_ip: fover_ip(): ifc 8 got Fover Msg ->

fover event trace on
FW1# fover_ip: fover_ip(): ifc 8 got Fover Msg ->
fover_ip: fover_ip(): ifc 8 got Fover Msg ->
Question by:mlnpscda

Accepted Solution

EyeNoVoIP earned 1000 total points
ID: 35471918
please add the logging debug-trace command to send to syslog.

Author Closing Comment

ID: 35485674
perfect.  thanks.

Featured Post

Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question