Configuring The Logging Queue - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 42
Monitoring the Security Appliance
Configuring the Logging Queue
The Cisco ASA has a fixed number of blocks in memory that can be allocated for buffering system log
messages while they are waiting to be sent to the configured output destination. The number of blocks
required depends on the length of the system log message queue and the number of syslog servers
specified.
To specify the number of system log messages the security appliance can hold in its queue before sending
them to the configured output destination, enter the following command:
hostname(config)# logging queue message_count
Where the message_count variable specifies the number of system log messages that can remain in the
system log message queue while awaiting processing. The default is 512 system log messages. A setting
of 0 (zero) indicates unlimited system log messages, that is, the queue size is limited only by block
memory availability.
To view the queue and queue statistics, enter the following command:
hostname(config)# show logging queue
Including the Date and Time in System Log Messages
To specify that system log messages should include the date and time that the system log messages was
generated, enter the following command:
hostname(config)# logging timestamp
Including the Device ID in System Log Messages
To configure the security appliance to include a device ID in non-EMBLEM-format system log
messages, enter the following command:
hostname(config)# logging device-id
string text
You can specify only one type of device ID for the system log messages.
The context-name keyword indicates that the name of the current context should be used as the device
ID (applies to multiple context mode only). If you enable the logging device ID for the admin context in
multiple context mode, messages that originate in the system execution space use a device ID of system,
and messages that originate in the admin context use the name of the admin context as the device ID.
The hostname keyword specifies that the hostname of the security appliance should be used as the
device ID.
The ipaddress interface_name argument specifies that the IP address of the interface specified as
interface_name should be used as the device ID. If you use the ipaddress keyword, the device ID
becomes the specified security appliance interface IP address, regardless of the interface from which the
system log message is sent. This keyword provides a single, consistent device ID for all system log
messages that are sent from the device.
The string text argument specifies that the text string should be used as the device ID. The string can
contain as many as 16 characters. You cannot use blank spaces or any of the following characters:
•
•
OL-10088-01
}
& (ampersand)
' (single quote)
{
|
context-name
hostname | ipaddress interface_name |
Cisco Security Appliance Command Line Configuration Guide
Configuring and Managing Logs
42-19
Advertisement
Table of Contents
Troubleshooting
