Monday, May 6, 2013

Cisco ASA: Too Much Log Information Being Sent To My Syslog Server - Cutting Down On Syslog Traffic

Does your logging server get bogged down with big log files, and do you need to cut that size down? Stop sending informational data and cut it down to just audit-type traffic. Here is what I do on my ASA (when I don't need informational data to look through) for both my syslog server and ASDM (not that I use ASDM much):

logging enable
! Level 6: informational data
no logging trap informational
! Level 5: notification data (like firewall audit trail for users and activity)
logging trap notifications
! Level 6: informational data
no logging asdm informational
! Level 5: notification data (like firewall audit trail for users and activity)
logging asdm notifications
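
To see what moving the trap level from 6 to 5 would drop before making the change, here is an added example (not part of the original post) that tallies ASA message IDs by the severity digit in their `%ASA-<level>-<id>` tag. The function name `trap_impact` and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Severity keywords accepted by "logging trap"; index = numeric level (0 is most severe).
LEVELS = ["emergencies", "alerts", "critical", "errors",
          "warnings", "notifications", "informational", "debugging"]

# Every ASA syslog line carries a "%ASA-<severity>-<message id>" tag.
ASA_TAG = re.compile(r"%ASA-([0-7])-(\d{6})")

# Constructed sample lines (documentation IP ranges, not from a real device).
SAMPLE = [
    "May 06 2013 10:00:01: %ASA-6-302013: Built outbound TCP connection 1001 for "
    "outside:198.51.100.7/443 (198.51.100.7/443) to inside:192.0.2.10/51515 (203.0.113.5/51515)",
    "May 06 2013 10:00:02: %ASA-6-302014: Teardown TCP connection 1001 for "
    "outside:198.51.100.7/443 to inside:192.0.2.10/51515 duration 0:00:01 bytes 4312 TCP FINs",
    "May 06 2013 10:00:03: %ASA-6-305011: Built dynamic TCP translation from "
    "inside:192.0.2.10/51516 to outside:203.0.113.5/51516",
    "May 06 2013 10:00:04: %ASA-5-111008: User 'admin' executed the "
    "'logging trap notifications' command.",
    'May 06 2013 10:00:05: %ASA-4-106023: Deny tcp src outside:198.51.100.9/4444 '
    'dst inside:192.0.2.10/22 by access-group "outside_in" [0x0, 0x0]',
    'May 06 2013 10:00:06: %ASA-6-605005: Login permitted from 192.0.2.50/50000 '
    'to inside:192.0.2.1/ssh for user "admin"',
]

def trap_impact(lines, new_level):
    """Report which message IDs a 'logging trap <new_level>' setting keeps and drops."""
    threshold = LEVELS.index(new_level)
    kept, dropped, total_bytes, kept_bytes = Counter(), Counter(), 0, 0
    for line in lines:
        m = ASA_TAG.search(line)
        if not m:
            continue  # not an ASA message, skip it
        severity, msg_id = int(m.group(1)), m.group(2)
        size = len(line.encode())
        total_bytes += size
        # Messages at the configured level and all more severe levels are sent.
        if severity <= threshold:
            kept[msg_id] += 1
            kept_bytes += size
        else:
            dropped[msg_id] += 1
    reduction = 1 - kept_bytes / total_bytes if total_bytes else 0.0
    return {"kept": kept, "dropped": dropped, "byte_reduction": reduction}

if __name__ == "__main__":
    report = trap_impact(SAMPLE, "notifications")
    print("kept:", dict(report["kept"]), "dropped:", dict(report["dropped"]))
    print("byte reduction: {:.0%}".format(report["byte_reduction"]))
```

Run it over a saved copy of the current syslog file to see which message IDs (connection build/teardown and login events in this sample) would no longer reach the server at level 5.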

2 comments:

  1. Hi Kille,
    Please help me to understand this. Do I need to enable logging? I cannot see the log file from my Log Server. Please advise. Thanks.

    sh run
    no logging trap
    ----------------------------
    sh log
    Trap logging: disabled

    1. You will need to use the 'logging enable' command also in your case, to enable logging.

