Configuring the ASDM to View Logging
The ASDM Log panel, shown in Figure 10-1, allows you to view syslog messages that are
captured in the ASDM Log buffer in the Security Appliance memory. You may select the level
of syslog messages you want to view. When you view the ASDM Log, all the buffered syslog
messages at and below the logging level you choose are displayed.
ASDM Log Viewer Screen
The ASDM logging panel has the following fields:
■ Logging Level—Enables you to choose the level of syslog messages to view.
To view the logs using the PDM interface, click the View button shown in Figure 10-1. Figure
10-2 shows a sample output of logs viewed from the PDM logging panel.
■ Buffer Limit—Sets the maximum number of log messages that will display. The default
for this value is 1000.
Configuring Syslog Messages at the Console
Configuring logging on the console interface is useful when you are troubleshooting or
observing traffic patterns directly from a Security Appliance. This gives you real-time
information about what is happening on the Security Appliance. To configure logging at the
Security Appliance console interface, use the logging console command as follows. After
logging into configuration mode, enter the following:
Pixfw(config)#logging on
Pixfw(config)#logging console 5
The 5 indicates the logging level. In this case, it is logging notification. From the console, you
can see the logs in real time.
Sending Syslog Messages to a Telnet Session
Remotely troubleshooting or viewing real-time Security Appliance traffic patterns can be
done by configuring the PIX to send logging information to a Telnet session. The logging
monitor command configures the Security Appliance to send syslog messages to Telnet
sessions. For example, after logging into configuration mode, enter the following:
Pixfirewall (config)#logging monitor 6
Pixfirewall(config)#terminal monitor
In this example, syslog messages 0 to 6, or emergency to informational, are sent to a Telnet
session. To disable logging to Telnet, you use the no logging monitor command.
The terminal monitor displays messages directly to the Telnet session. You can disable the
direct display of messages by entering the terminal no monitor command. A Telnet session
sometimes is lost in busy networks when the logging monitor command is used.