Table Of Contents

logging asdm through logout message Commands

logging asdm

logging asdm-buffer-size

logging buffered

logging buffer-size

logging class

logging console

logging debug-trace

logging device-id

logging emblem

logging enable

logging facility

logging flash-bufferwrap

logging flash-maximum-allocation

logging flash-minimum-free

logging from-address

logging ftp-bufferwrap

logging ftp-server

logging history

logging host

logging list

logging mail

logging message

logging monitor

logging permit-hostdown

logging queue

logging rate-limit

logging recipient-address

logging savelog

logging standby

logging timestamp

logging trap

login

login-button

login-message

login-title

logo

logout

logout-message

logging asdm through logout message Commands

---

logging asdm

To send system log messages to the ASDM log buffer, use the logging asdm command in global configuration mode. To disable logging to the ASDM log buffer, use the no form of this command.

logging asdm [logging_list | level]

no logging asdm [logging_list | level]

Syntax Description

level

Sets the maximum level for system log messages. For example, if you set the level to 3, then the security appliance generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows: •0 or emergencies—System unusable. •1 or alerts—Take immediate action. •2 or critical—Critical condition. •3 or errors—Error. •4 or warnings—Warning. •5 or notifications—Normal but significant condition. •6 or informational—Information. •7 or debugging—Debug messages, log FTP commands, and WWW URLs.

logging_list

Specifies the list that identifies the messages to send to the ASDM log buffer. For information about creating lists, see the logging list command.

Defaults

ASDM logging is disabled by default.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)(1)	This command was introduced.

Usage Guidelines

Before any messages are sent to the ASDM log buffer, you must enable logging using the logging enable command.

When the ASDM log buffer is full, security appliance deletes the oldest message to make room in the buffer for new messages. To control the number of system log messages retained in the ASDM log buffer, use the logging asdm-buffer-size command.

The ASDM log buffer is a different buffer than the log buffer enabled by the logging buffered command.

Examples

This example shows how enable logging and send to the ASDM log buffer messages of severity levels 0, 1, and 2. It also shows how to set the ASDM log buffer size to 200 messages.

hostname(config)# logging enable

hostname(config)# logging asdm 2

hostname(config)# logging asdm-buffer-size 200

hostname(config)# show logging

Syslog logging: enabled

    Facility: 20

    Timestamp logging: disabled

    Standby logging: disabled

    Deny Conn when Queue Full: disabled

    Console logging: disabled

    Monitor logging: disabled

    Buffer logging: disabled

    Trap logging: disabled

    History logging: disabled

    Device ID: disabled

    Mail logging: disabled

    ASDM logging: level critical, 48 messages logged

Related Commands

Command	Description
clear logging asdm	Clears the ASDM log buffer of all messages it contains.
logging asdm-buffer-size	Specifies the number of ASDM messages retained in the ASDM log buffer
logging enable	Enables logging.
logging list	Creates a reusable list of message selection criteria.
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging configuration.

logging asdm-buffer-size

To specify the number of system log messages retained in the ASDM log buffer, use the logging asdm-buffer-size command in global configuration mode. To reset the ASDM log buffer to its default size of 100 messages, use the no form of this command.

logging asdm-buffer-size num_of_msgs

no logging asdm-buffer-size num_of_msgs

Syntax Description

num_of_msgs

Specifies the number of system log messages that the security appliance retains in the ASDM log buffer.

Defaults

The default ASDM syslog buffer size is 100 messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)(1)	This command was introduced.

Usage Guidelines

When the ASDM log buffer is full, security appliance deletes the oldest message to make room in the buffer for new messages. To control whether logging to the ASDM log buffer is enabled or to control the kind of system log messages retained in the ASDM log buffer, use the logging asdm command.

The ASDM log buffer is a different buffer than the log buffer enabled by the logging buffered command.

Examples

This example shows how enable logging and send to the ASDM log buffer messages of severity levels 0, 1, and 2. It also shows how to set the ASDM log buffer size to 200 messages.

hostname(config)# logging enable

hostname(config)# logging asdm 2

hostname(config)# logging asdm-buffer-size 200

hostname(config)# show logging

Syslog logging: enabled

    Facility: 20

    Timestamp logging: disabled

    Standby logging: disabled

    Deny Conn when Queue Full: disabled

    Console logging: disabled

    Monitor logging: disabled

    Buffer logging: disabled

    Trap logging: disabled

    History logging: disabled

    Device ID: disabled

    Mail logging: disabled

    ASDM logging: level critical, 48 messages logged

Related Commands

Command	Description
clear logging asdm	Clears the ASDM log buffer of all messages it contains.
logging asdm	Enables logging to the ASDM log buffer.
logging enable	Enables logging.
show logging	Displays the enabled logging options.
show running-config logging	Displays the currently running logging configuration.

logging buffered

To enable the security appliance to send system log messages to the log buffer, use the logging buffered command in global configuration mode. To disable logging to the log buffer, use the no form of this command.

logging buffered [logging_list | level]

no logging buffered [logging_list | level]

Syntax Description

level

Sets the maximum level for system log messages. For example, if you set the level to 3, then the security appliance generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows: •0 or emergencies—System unusable. •1 or alerts—Take immediate action. •2 or critical—Critical condition. •3 or errors—Error. •4 or warnings—Warning. •5 or notifications—Normal but significant condition. •6 or informational—Information. •7 or debugging—Debug messages, log FTP commands, and WWW URLs.

logging_list

Specifies the list that identifies the messages to send to the log buffer. For information about creating lists, see the logging list command.

Defaults

The defaults are as follows:

•Logging to the buffer is disabled.

•Buffer size is 4 KB.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
Preexisting	This command was preexisting.

Usage Guidelines

Before any messages are sent to the log buffer, you must enable logging using the logging enable command.

New messages append to the end of the buffer. When the buffer fills up, the security appliance clears it and continues adding messages to it. When the log buffer is full, security appliance deletes the oldest message to make room in the buffer for new messages. You can have buffer contents automatically saved each time the contents of the buffer have "wrapped", meaning that all the messages since the last save have been replaced by new messages. For more information, see the logging flash-bufferwrap and logging ftp-bufferwrap commands.

At any time, you can save the contents of the buffer to Flash memory. For more information, see the logging savelog command.

System Log messages sent to the buffer can be viewed with the show logging command.

Examples

This example configures logging to the buffer for level 0 and level 1 events:

hostname(config)# logging buffered alerts

hostname(config)#

This example creates a list named notif-list with a maximum logging level of 7 and configures logging to the buffer for system log messages identified by the notif-list list.

hostname(config)# logging list notif-list level 7

hostname(config)# logging buffered notif-list

hostname(config)#

Related Commands

Command	Description
clear logging buffer	Clears the log buffer of all system log messages it contains.
logging buffer-size	Specifies log buffer size.
logging enable	Enables logging.
logging flash-bufferwrap	Writes the log buffer to Flash memory when the log buffer is full.
logging ftp-bufferwrap	Sends the log buffer to an FTP server when the log buffer is full.
logging list	Creates a reusable list of message selection criteria.
logging savelog	Saves the contents of the log buffer to Flash memory.
show logging	Displays the enabled logging options.
show running-config logging	Displays the currently running logging configuration.

logging buffer-size

To specify the size of the log buffer, use the logging buffer-size command in global configuration mode. To reset the log buffer to its default size of 4 KB of memory, use the no form of this command.

logging buffer-size bytes

no logging buffer-size bytes

Syntax Description

bytes

Sets the amount of memory used for the log buffer, in bytes. For example, if you specify 8192, the security appliance uses 8 KB of memory for the log buffer.

Defaults

The log buffer size is 4 KB of memory.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)(1)	This command was introduced.

Usage Guidelines

To see whether the security appliance is using a log buffer of a size other than the default buffer size, use the show running-config logging command. If the logging buffer-size command is not shown, then the security appliance uses a log buffer of 4 KB.

For more information about how the security appliance uses the buffer, see the logging buffered command.

Examples

This example enables logging, enables the logging buffer, and specifies that the security appliance uses 16 KB of memory for the log buffer:

hostname(config)# logging enable

hostname(config)# logging buffered

hostname(config)# logging buffer-size 16384

hostname(config)# 

Related Commands

Command	Description
clear logging buffer	Clears the log buffer of all system log messages it contains.
logging buffered	Enables logging to the log buffer.
logging enable	Enables logging.
logging flash-bufferwrap	Writes the log buffer to Flash memory when the log buffer is full.
logging savelog	Saves the contents of the log buffer to Flash memory.
show logging	Displays the enabled logging options.
show running-config logging	Displays the currently running logging configuration.

logging class

To configure for a message class the maximum logging level per logging destination, use the logging class command in global configuration mode. To remove a message class logging level configuration, use the no form of the command.

logging class class destination level [destination level . . .]

no logging class class

Syntax Description

class	Specifies the message class whose maximum logging levels per destination you are configuring. For valid values of class, see the "Usage Guidelines" section that follows.
destination	Specifies a logging destination for class. For the destination, the level determines the maximum logging level sent to destination. For valid values of destination, see the "Usage Guidelines" section that follows.
level	Sets the maximum level for system log messages. For example, if you set the level to 3, then the security appliance generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows: •0 or emergencies—System unusable. •1 or alerts—Take immediate action. •2 or critical—Critical condition. •3 or errors—Error. •4 or warnings—Warning. •5 or notifications—Normal but significant condition. •6 or informational—Information. •7 or debugging—Debug messages, log FTP commands, and WWW URLs.

Defaults

By default, the security appliance does not apply logging levels on a logging destination and message class basis. Instead, each enabled logging destination receives messages for all classes at the logging level determined by the logging list or level specified when you enabled the logging destination.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)(1)	This command was introduced.

Usage Guidelines

Valid values for class include the following:

•auth—User authentication

•bridge—Transparent firewall

•ca—PKI certificate authority

•config—Command interface

•email—Email proxy

•ha—Failover

•ids—Intrusion detection system

•ip—IP stack

•np—Network processor

•ospf—OSPF routing

•rip—RIP routing

•session—User session

•snmp—SNMP

•sys—System

•vpn—IKE and IPSec

•vpnc—VPN client

•vpnfo—VPN failover

•vpnlb—VPN load balancing

Valid logging destinations are as follows:

•asdm—To learn about this destination, see the logging asdm command.

•buffered—To learn about this destination, see the logging buffered command.

•console—To learn about this destination, see the logging console command.

•history—To learn about this destination, see the logging history command.

•mail—To learn about this destination, see the logging mail command.

•monitor—To learn about this destination, see the logging monitor command.

•trap—To learn about this destination, see the logging trap command.

Examples

This example specifies that, for Failover-related messages, the maximum logging level for the ASDM log buffer is 2 and the maximum logging level for the system log buffer is 7:

hostname(config)# logging class ha asdm 2 buffered 7

hostname(config)# 

Related Commands

Command	Description
logging enable	Enables logging.
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging-related portion of the running configuration.

logging console

To enable the security appliance to display system log messages in console sessions, use the logging console command in global configuration mode. To disable the display of system log messages in console sessions, use the no form of this command.

logging console [logging_list | level]

no logging console

---

Note We recommend that you do not use this command because it may cause many system log messages to be dropped due to buffer overflow. For more information, see the "Usage Guidelines" section that follows.

---

Syntax Description

level

Sets the maximum level for system log messages. For example, if you set the level to 3, then the security appliance generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows: •0 or emergencies—System unusable. •1 or alerts—Take immediate action. •2 or critical—Critical condition. •3 or errors—Error. •4 or warnings—Warning. •5 or notifications—Normal but significant condition. •6 or informational—Information. •7 or debugging—Debug messages, log FTP commands, and WWW URLs.

logging_list

Specifies the list that identifies the messages to send to the console session. For information about creating lists, see the logging list command.

Defaults

The security appliance does not display system log messages in console sessions by default.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
Preexisting	This command was preexisting.

Usage Guidelines

Before any messages are sent to the console, you must enable logging using the logging enable command.

---

Caution Using the logging console command could drastically degrade system performance. Instead, use the logging buffered command to start logging and the show logging command to see the messages. To make viewing the most current messages easier, use the clear logging buffer command to clear the buffer.

---

Examples

This example shows how to enable system log messages of levels 0, 1, 2, and 3 to appears in console sessions:

hostname(config)# logging enable

hostname(config)# logging console errors

hostname(config)# 

Related Commands

Command	Description
logging enable	Enables logging.
logging list	Creates a reusable list of message selection criteria.
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging-related portion of the running configuration.

logging debug-trace

To redirect debugging messages to logs as syslog message 711001 issued at severity level 7, use the logging debug-trace command in global configuration mode. To stop sending debugging messages to logs, use the no form of this command.

logging debug-trace

no logging debug-trace

Syntax Description

This command has no arguments or keywords.

Defaults

By default, the security appliance does not include debug output in system log messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)(1)	This command was introduced.

Usage Guidelines

Debug messages are generated as severity level 7 messages. They appear in logs with the syslog message number 711001.

Examples

This example shows how enable logging, send log messages to the system log buffer, redirect debugging output to logs, and turn on debugging disk activity.

hostname(config)# logging enable

hostname(config)# logging buffered

hostname(config)# logging debug-trace

hostname(config)# debug disk filesystem

An example of a debug message that could appear in the logs follows:

%PIX-7-711001: IFS: Read: fd 3, bytes 4096

Related Commands

Command	Description
logging enable	Enables logging.
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging-related portion of the running configuration.

logging device-id

To configure the security appliance to include a device ID in non-EMBLEM-format system log messages, use the logging device-id command in global configuration mode. To disable the use of a device ID, use the no form of this command.

logging device-id {context-name | hostname | ipaddress interface_name | string text}

no logging device-id {context-name | hostname | ipaddress interface_name | string text}

Syntax Description

context-name	Use the name of the current context as the device ID.
hostname	Use the host name of the security appliance as the device ID.
ipaddress interface_name	Use as the device ID the IP address of the interface specified as interface_name. If you use the ipaddress keyword, system log messages sent to an external server contain the IP address of the interface specified, regardless of which interface the security appliance uses to send the log data to the external server.
string text	Use as the device ID the characters contained in text, which can be up to 16 characters long. You cannot use white space characters or any of the following characters in text: •&—ampersand •'—single quote •"—double quote •<—less than •>—greater than •?—question mark

Defaults

No default device ID is used in system log messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
Preexisting	This command was preexisting.

Usage Guidelines

If you use the ipaddress keyword, the device ID becomes the specified security appliance interface IP address, regardless of the interface from which the message is sent. This keyword provides a single, consistent device ID for all messages that are sent from the device.

Examples

This example shows how to configure a host named secappl-1:

hostname(config)# logging device-id hostname

hostname(config)# show logging

Syslog logging: disabled

Facility: 20

Timestamp logging: disabled

Standby logging: disabled

Console logging: disabled

Monitor logging: disabled

Buffer logging: level informational, 991 messages logged

Trap logging: disabled

History logging: disabled

Device ID: hostname "secappl-1"

In syslog messages, the host name secappl-1 appears at the beginning of messages, such as the following message:

secappl-1 %PIX-5-111008: User 'enable_15' executed the 'logging buffer-size 4096' command.

Related Commands

Command	Description
logging enable	Enables logging.
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging-related portion of the running configuration.

logging emblem

To use the EMBLEM format for system log messages sent to destinations other than a syslog server, use the logging emblem command in global configuration mode. To disable the use of EMBLEM format, use the no form of this command.

logging emblem

no logging emblem

Syntax Description

This command has no arguments or keywords.

Defaults

By default, the security appliance does not use EMBLEM format for system log messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)(1)	This command was changed to be independent of the logging host command.

Usage Guidelines

The logging emblem command lets you to enable EMBLEM-format logging for all logging destinations other than syslog servers. If you also enable the logging timestamp keyword, the messages with a time stamp are sent.

To enable EMBLEM-format logging for syslog servers, use the format emblem option with the logging host command.

Examples

This example shows how to enable logging and enable the use of EMBLEM-format for logging to all logging destinations except syslog servers:

hostname(config)# logging enable

hostname(config)# logging emblem

hostname(config)# 

Related Commands

Command	Description
logging enable	Enables logging.
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging-related portion of the running configuration.

logging enable

To enable logging for all configured output locations, use the logging enable command in global configuration mode. To disable logging, use the no form of this command.

logging enable

no logging enable

Syntax Description

This command has no arguments or keywords.

Defaults

Logging is disabled by default.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)(1)	This command was changed from the logging on command.

Usage Guidelines

The logging enable command allows you to enable or disable sending system log messages to any of the supported logging destinations. You can stop all logging with the no logging enable command.

You can enable logging to individual logging destinations with the following commands:

•logging asdm

•logging buffered

•logging console

•logging history

•logging mail

•logging monitor

•logging trap

Examples

This example shows how to enable logging. The output of the show logging command illustrates how each possible logging destination must be enabled separately.

hostname(config)# logging enable

hostname(config)# show logging

Syslog logging: enabled

    Facility: 20

    Timestamp logging: disabled

    Standby logging: disabled

    Deny Conn when Queue Full: disabled

    Console logging: disabled

    Monitor logging: disabled

    Buffer logging: disabled

    Trap logging: disabled

    History logging: disabled

    Device ID: disabled

    Mail logging: disabled

    ASDM logging: disabled

Related Commands

Command	Description
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging-related portion of the running configuration.

logging facility

To specify the logging facility used for messages sent to syslog servers, use the logging facility command in global configuration mode. To reset the logging facility to its default of 20, use the no form of this command.

logging facility  facility

no logging facility 

Syntax Description

facility

Specifies the syslog facility; valid values are 16 through 23.

Defaults

The default facility is 20 (LOCAL4).

Command Modes

The following table shows the modes in which you can enter the command, with the exceptions noted above in the Syntax Description section:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
Preexisting	This command was preexisting.

Usage Guidelines

Syslog servers file messages based on the facility number in the message. There ar