Firmware: 7.2 CLI (applies to Cisco FWSM 2.2, 3.1, and 4.1)
Collector: Network Collector - Syslog
To configure a Cisco Adaptive Security Appliance (ASA) to send log messages to TLC, complete the following steps on the Cisco ASA host:
1. | Log in to Cisco ASA with admin rights. |
2. | Enter the following commands: |
enable
config terminal
logging enable
logging host <interface_name> <Manager_IP>
logging trap <severity_level>
show logging
Where:
<interface_name> is the interface through which Cisco ASA accesses the Syslog server,
<Manager_IP> is the IP address of the TLC Manager to which log messages will be forwarded, and
<severity_level> is the maximum severity level of log messages to be sent to TLC.
Severity-level values include:
0 emergencies = System unusable
1 alert = Immediate action needed
2 critical = Critical condition
3 error = Error condition
4 warning = Warning condition
5 notification = Normal but significant condition
6 informational = Informational message only
7 debugging = Appears during debugging only
For example:
enable
config terminal
logging enable
logging host inside 10.20.30.40
logging trap 7
show logging
Tip |
To add more information to your Cisco ASA log messages, you can add format emblem to the end of the logging host command (e.g. logging host inside 10.20.30.40 format emblem). |
---|
3. | Save the new configuration or retain it as the default running configuration. |
Next |
If you are performing initial configuration of your TLC environment, see Configuring your TLC Environment. Otherwise, see Adding a Monitored Asset for a new Log Source. |
---|