The Cisco ASA firewall generates syslog messages for many different events. For example, interfaces going up or down, security alerts, debug information and more. We can configure the ASA to tell it how much and where to store logging information.
Before you configure logging, make sure your clock has been configured. Logging on ASA is configured separately on each output. For each output severity needs to be defined. Severity defined for particular output takes the logs of this configured severity and all more specific.
So when you define the severity 6 – informational logs for console, the 6 logs, 5, 4, 3, 2, 1 and 0 will be send to console. If you specify 3 – errors logs, the 3, 2, 1 and 0 will be sent.
ASA severity is stated below :
alerts Immediate action needed ========= (severity=1)
critical Critical conditions ========= (severity=2)
debugging Debugging messages========= (severity=7)
emergencies System is unusable =========(severity=0)
errors Error conditions =========(severity=3)
informational Informational messages ======(severity=6)
notifications Normal but significant conditions=(severity=5)
warnings Warning conditions =========(severity=4)
To enable logging on ASA:
ASA(config)#logging enable
Debug logs from console:
ASA(config)#logging console debugging
Informational (6) logs to ASDM:
ASA(config)#logging ASDM informational
Informational (6) logs to VTY lines:
ASA(config)#logging monitor informational
Debug (7) logs to syslog server and syslog server 1.1.1.1 definition:
ASA(config)#logging trap debugging
ASA(config)#logging host inside 1.1.1.1