Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Command Reference, 3.1
logging asdm through logout

logging asdm through logout Commands


logging asdm

To send system log messages to ASDM, use the logging asdm command in global configuration mode. To disable logging to ASDM, use the no form of this command.

logging asdm [message_list | level]

no logging asdm [message_list | level]

Syntax Description

level

Sets the maximum level for system log messages. For example, if you set the level to 3, then the FWSM generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows:

0 or emergencies—System unusable.

1 or alerts—Take immediate action.

2 or critical—Critical condition.

3 or errors—Error.

4 or warnings—Warning.

5 or notifications—Normal but significant condition.

6 or informational—Information.

7 or debugging—Debug messages, log FTP commands, and WWW URLs.

message_list

Specifies the name of the list that identifies the messages to be sent to ASDM. For information about creating lists, see the logging list command.


Defaults

ASDM logging is disabled by default.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

Before any messages are sent to ASDM, you must enable system logging using the logging enable command.

When the ASDM log buffer is full, the FWSM deletes the oldest message to make room in the buffer for new messages. To control the number of system log messages retained in the ASDM log buffer, use the logging asdm-buffer-size command.

The ASDM log buffer is a different buffer than the internal log buffer enabled by the logging buffered command. The FWSM only places messages in the ASDM log buffer if they are destined to be sent to ASDM.

Examples

The following example shows how to enable logging and send messages of severity levels 0, 1, and 2 to the ASDM log buffer. It also shows how to set the ASDM log buffer size to 200 messages.

hostname(config)# logging enable
hostname(config)# logging asdm 2
hostname(config)# logging asdm-buffer-size 200
hostname(config)# show logging
Syslog logging: enabled
    Facility: 20
    Timestamp logging: disabled
    Standby logging: disabled
    Deny Conn when Queue Full: disabled
    Console logging: disabled
    Monitor logging: disabled
    Buffer logging: disabled
    Trap logging: disabled
    History logging: disabled
    Device ID: disabled
    Mail logging: disabled
    ASDM logging: level critical, 48 messages logged
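
The following Python example is added here and is not part of the Cisco reference: it parses show logging output in the layout shown above and reports settings that leave the log trail incomplete, such as logging enable being off or console logging being on. The function names and finding codes are assumptions made for this example, and a destination enabled with a message list is treated as enabled without a level.

```python
import re

# Output destinations as labelled in `show logging` ("<name> logging: ...").
DESTINATIONS = ("Console", "Monitor", "Buffer", "Trap", "History", "Mail", "ASDM")

# Status lines are "Label: value"; labels hold only letters and spaces, which
# keeps buffered log messages ("%FWSM-5-...: text") out of the result.
STATUS_LINE = re.compile(r"^\s*([A-Za-z][A-Za-z ]*?):\s*(\S.*?)\s*$")
LEVEL_VALUE = re.compile(r"^level (\w+), (\d+) messages logged$")

# Output copied from the logging asdm example on this page.
ASDM_EXAMPLE = """\
Syslog logging: enabled
    Facility: 20
    Timestamp logging: disabled
    Standby logging: disabled
    Deny Conn when Queue Full: disabled
    Console logging: disabled
    Monitor logging: disabled
    Buffer logging: disabled
    Trap logging: disabled
    History logging: disabled
    Device ID: disabled
    Mail logging: disabled
    ASDM logging: level critical, 48 messages logged
"""

# Output copied from the logging device-id example on this page.
DEVICE_ID_EXAMPLE = """\
Syslog logging: disabled
Facility: 20
Timestamp logging: disabled
Standby logging: disabled
Console logging: disabled
Monitor logging: disabled
Buffer logging: level informational, 991 messages logged
Trap logging: disabled
History logging: disabled
Device ID: hostname "secappl-1"
"""


def parse_show_logging(text):
    """Map each status label in `show logging` output to its value."""
    state = {}
    for line in text.splitlines():
        match = STATUS_LINE.match(line)
        if match:
            state[match.group(1)] = match.group(2)
    return state


def destination_levels(state):
    """Return {destination: (level_name, messages_logged)} where a level is set."""
    levels = {}
    for dest in DESTINATIONS:
        match = LEVEL_VALUE.match(state.get(f"{dest} logging", ""))
        if match:
            levels[dest] = (match.group(1), int(match.group(2)))
    return levels


def audit(state):
    """Return finding codes (names assumed here) for an incomplete log trail."""
    findings = []
    enabled = [d for d in DESTINATIONS
               if state.get(f"{d} logging", "disabled") != "disabled"]
    if state.get("Syslog logging") != "enabled":
        findings.append("LOGGING_OFF")     # `logging enable` has not been entered
    if not enabled:
        findings.append("NO_DESTINATION")  # nothing is retained or forwarded
    if "Console" in enabled:
        findings.append("CONSOLE_ON")      # the reference cautions against this
    if state.get("Timestamp logging", "disabled") == "disabled":
        findings.append("NO_TIMESTAMP")    # messages carry no timestamp
    if state.get("Device ID", "disabled") == "disabled":
        findings.append("NO_DEVICE_ID")    # messages carry no device ID
    return findings


if __name__ == "__main__":
    for name, sample in (("asdm", ASDM_EXAMPLE), ("device-id", DEVICE_ID_EXAMPLE)):
        state = parse_show_logging(sample)
        print(name, destination_levels(state), audit(state))
```

The device-id output is the case to watch for: a buffer level is configured, but with Syslog logging disabled the FWSM generates no messages for it.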

Related Commands

Command
Description

clear logging asdm

Clears the ASDM log buffer of all of the system log messages it contains.

logging asdm-buffer-size

Specifies the number of ASDM messages retained in the ASDM log buffer.


logging asdm-buffer-size

To specify the number of system log messages retained in the ASDM log buffer, use the logging asdm-buffer-size command in global configuration mode. To reset the ASDM log buffer to its default size of 100 messages, use the no form of this command.

logging asdm-buffer-size num_of_msgs

no logging asdm-buffer-size num_of_msgs

Syntax Description

num_of_msgs

Specifies the number of system log messages that the FWSM retains in the ASDM log buffer.


Defaults

The default ASDM system log buffer size is 100 messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

When the ASDM log buffer is full, FWSM deletes the oldest message to make room in the buffer for new messages. To control whether logging to the ASDM log buffer is enabled or to control the kind of system log messages retained in the ASDM log buffer, use the logging asdm command.

The ASDM log buffer is a different buffer than the internal log buffer enabled by the logging buffered command. The FWSM only places messages in the ASDM log buffer if they are destined to be sent to ASDM.

Examples

The following example shows how to enable logging and send messages of severity levels 0, 1, and 2 to the ASDM log buffer. It also shows how to set the ASDM log buffer size to 200 messages.

hostname(config)# logging enable
hostname(config)# logging asdm 2
hostname(config)# logging asdm-buffer-size 200
hostname(config)# show logging
Syslog logging: enabled
    Facility: 20
    Timestamp logging: disabled
    Standby logging: disabled
    Deny Conn when Queue Full: disabled
    Console logging: disabled
    Monitor logging: disabled
    Buffer logging: disabled
    Trap logging: disabled
    History logging: disabled
    Device ID: disabled
    Mail logging: disabled
    ASDM logging: level critical, 48 messages logged

Related Commands

Command
Description

clear logging asdm

Clears the ASDM log buffer of all of the system log messages it contains.

logging asdm

Enables logging to the ASDM log buffer.

logging enable

Enables logging to all specified output locations.

show logging

Displays the enabled logging options.

show running-config logging

Displays the currently running logging configuration.


logging buffered

To enable the FWSM to save system log messages in the log buffer, use the logging buffered command in global configuration mode. To disable logging to the log buffer, use the no form of this command.

logging buffered [message_list | level]

no logging buffered [message_list | level]

Syntax Description

level

Sets the maximum level for system log messages. For example, if you set the level to 3, then the FWSM generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows:

0 or emergencies—System unusable.

1 or alerts—Take immediate action.

2 or critical—Critical condition.

3 or errors—Error.

4 or warnings—Warning.

5 or notifications—Normal but significant condition.

6 or informational—Information.

7 or debugging—Debug messages, log FTP commands, and WWW URLs.

message_list

Specifies the list that identifies the messages to send to the internal log buffer. For information about creating message lists, see the logging list command.


Defaults

The defaults are as follows:

Logging to the internal log buffer is disabled.

Log buffer size is 4 KB.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

For the FWSM to generate system log messages, you must enable logging using the logging enable command. Use the logging buffered command to specify the internal log buffer as an output destination.

The FWSM appends new messages to the end of the log buffer. When the log buffer is full, it "wraps" to the first message in the buffer. Unless configured otherwise, the FWSM writes over messages, oldest message first, when new messages are generated.

You can configure the FWSM so that the log buffer content is automatically saved each time the buffer wraps. For more information, see the logging flash-bufferwrap and logging ftp-bufferwrap commands.

In addition, you can save the buffer contents at any time to internal Flash memory. For more information, see the logging savelog command.

System log messages in the internal buffer can be viewed with the show logging command.

Examples

The following example configures logging to the buffer for level 0 and level 1 events:

hostname(config)# logging buffered alerts
hostname(config)#

The following example creates a list named notif-list with a maximum logging level of 7 and configures logging to the buffer for system log messages identified by the notif-list message list that you created.

hostname(config)# logging list notif-list level 7
hostname(config)# logging buffered notif-list
hostname(config)#

Related Commands

Command
Description

clear logging buffer

Clears the log buffer of all system log messages it contains.

logging buffer-size

Specifies log buffer size.

logging flash-bufferwrap

Writes the log buffer to internal Flash memory when the log buffer wraps.

logging ftp-bufferwrap

Sends the log buffer to an FTP server when the log buffer wraps.

logging list

Creates a reusable list of message selection criteria.

logging savelog

Saves the contents of the log buffer to internal Flash memory.


logging buffer-size

To specify the size of the system log buffer, use the logging buffer-size command in global configuration mode. To reset the system log buffer to its default size of 4 KB of memory, use the no form of this command.

logging buffer-size bytes

no logging buffer-size bytes

Syntax Description

bytes

Sets the amount of memory used for the log buffer, in bytes. For example, if you specify 8192, the FWSM uses 8 KB of memory for the log buffer.


Defaults

The log buffer size is 4 KB of memory.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

To see whether the FWSM is using a log buffer of a size other than the default buffer size, use the show running-config logging command. If the logging buffer size is not shown, then the FWSM uses a log buffer size of 4 KB.

For more information about how the FWSM uses the system log buffer, see the logging buffered command.

Examples

This example enables system logging, enables the system log buffer as a log output destination, and specifies that the FWSM uses 16 KB of memory for the log buffer:

hostname(config)# logging enable
hostname(config)# logging buffered
hostname(config)# logging buffer-size 16384
hostname(config)# 

Related Commands

Command
Description

clear logging buffer

Clears the log buffer of all system log messages it contains.

logging buffered

Enables logging to the system log buffer.

logging flash-bufferwrap

Writes the contents of the system log buffer to internal Flash memory when the log buffer wraps.

logging savelog

Saves the contents of the log buffer to internal Flash memory.

show logging

Displays the contents of the internal log buffer and the enabled logging options.


logging class

To specify an output destination for an entire class of messages, use the logging class command in global configuration mode. To remove the output destination for a message class, use the no form of the command.

logging class message_class output_destination [severity_level]

no logging class class

Syntax Description

class

Specifies the message class to be sent to the specified output destination.

For valid values of class, see the "Usage Guidelines" section that follows.

destination

Specifies a log output destination for class. For valid values of output_destination, see the "Usage Guidelines" section that follows.

level

Sets the maximum level for system log messages. For example, if you set the level to 3, then the FWSM generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows:

0 or emergencies—System unusable.

1 or alerts—Take immediate action.

2 or critical—Critical condition.

3 or errors—Error.

4 or warnings—Warning.

5 or notifications—Normal but significant condition.

6 or informational—Information.

7 or debugging—Debug messages, log FTP commands, and WWW URLs.


Defaults

By default, the FWSM does not apply logging levels on a logging destination and message class basis. Instead, each enabled logging destination receives messages for all classes at the logging level determined by the logging list or level specified when you enabled the logging destination.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

Valid values for class are as follows:

auth—User authentication

bridge—Transparent firewall

ca—PKI certificate authority

config—Command interface

email—Email proxy

ha—Failover

ids—Intrusion detection system

ip—IP stack

np—Network processor

ospf—OSPF routing

rip—RIP routing

session—User session

snmp—SNMP

sys—System

vpn—IKE and IPSec

vpnc—VPN client

vpnfo—VPN failover

vpnlb—VPN load balancing

Valid logging destinations are as follows:

asdm—To learn about this destination, see the logging asdm command.

buffered—To learn about this destination, see the logging buffered command.

console—To learn about this destination, see the logging console command.

history—To learn about this destination, see the logging history command.

mail—To learn about this destination, see the logging mail command.

monitor—To learn about this destination, see the logging monitor command.

trap—To learn about this destination, see the logging trap command.

Examples

The following example specifies that, for Failover-related messages, the maximum logging level for the ASDM log buffer is 2 and the maximum logging level for the system log buffer is 7:

hostname(config)# logging class ha asdm 2 buffered 7
hostname(config)# 

Related Commands

Command
Description

logging enable

Enables logging.

show logging

Displays the enabled logging options.

show running-config logging

Displays the logging-related portion of the running configuration.


logging console

To enable the FWSM to display system log messages in console sessions, use the logging console command in global configuration mode. To disable the display of system log messages in console sessions, use the no form of this command.

logging console [message_list | level]

no logging console


Note: We recommend that you do not use this command because it may cause many system log messages to be dropped due to buffer overflow. For more information, see the "Usage Guidelines" section that follows.


Syntax Description

level

Sets the maximum level for system log messages. For example, if you set the level to 3, then the FWSM generates system log messages for level 3, 2, 1, and 0. You can specify either the number or the name, as follows:

0 or emergencies—System unusable.

1 or alerts—Take immediate action.

2 or critical—Critical condition.

3 or errors—Error.

4 or warnings—Warning.

5 or notifications—Normal but significant condition.

6 or informational—Information.

7 or debugging—Debug messages, log FTP commands, and WWW URLs.

message_list

Specifies the list that identifies the messages to send to the console session. For information about creating lists, see the logging list command.


Defaults

The FWSM does not display system log messages in console sessions by default.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

Preexisting

This command was preexisting.


Usage Guidelines

Before any messages are sent to the console, you must enable system logging using the logging enable command.


Caution: Using the logging console command could drastically degrade system performance. Instead, use the logging buffered command to designate the internal log buffer as an output destination, then use the show logging command to see the messages. To make viewing the most current messages easier, use the clear logging buffer command to clear the buffer.

Examples

This example shows how to enable system log messages of levels 0, 1, 2, and 3 to appear in console sessions:

hostname(config)# logging enable
hostname(config)# logging console errors
hostname(config)# 

Related Commands

Command
Description

logging enable

Enables logging to all specified output destinations.

logging list

Creates a reusable list of message selection criteria.

show logging

Displays the contents of the internal log buffer and the enabled logging options.

show running-config logging

Displays the logging-related portion of the running configuration.


logging debug-trace

To redirect debugging messages to logs as system log message 711011, issued at severity level 7, use the logging debug-trace command in global configuration mode. To stop sending debugging messages to logs, use the no form of this command.

logging debug-trace

no logging debug-trace

Syntax Description

This command has no arguments or keywords.

Defaults

By default, the FWSM does not include debugging output in system log messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

Debugging messages are generated as severity level 7 messages. They appear in logs with the system log message number 711011.

Examples

The following example shows how to enable logging, send log messages to the log buffer, redirect debugging output to logs, and turn on debugging of disk activity.

hostname(config)# logging enable
hostname(config)# logging buffered
hostname(config)# logging debug-trace
hostname(config)# debug disk filesystem

An example of a debug message that could appear in the logs follows:

%FWSM-7-711001: IFS: Read: fd 3, bytes 4096

Related Commands

Command
Description

logging enable

Enables logging to all output destinations.

show logging

Displays the contents of the internal log buffer and the enabled logging options.

show running-config logging

Displays the logging-related portion of the running configuration.


logging deny-conn-queue-full

To prevent the creation of new transit connections through the FWSM when the logging queue is full, use the logging deny-conn-queue-full command in global configuration mode. To allow the creation of new transit connections through the FWSM when the logging queue is full, use the no form of this command.

logging deny-conn-queue-full

no logging deny-conn-queue-full

Syntax Description

deny-conn-queue-full

This option does not allow the creation of new transit connections through the FWSM when the logging queue is full.

Note: If the logging queue is set to zero, the queue will be the maximum configurable size (8192 messages).


Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1

This command was introduced.


Usage Guidelines

When traffic is so heavy that the logging queue fills up, the FWSM might discard messages. You can prevent the creation of new transit connections through the FWSM to avoid discarding messages.

Examples

The following example shows how to display the output of the logging deny-conn-queue-full and show logging queue commands:

hostname(config)# logging deny-conn-queue-full 
hostname(config)# show logging queue

Logging Queue length limit: Unlimited
1 msg(s) discarded due to queue overflow
Current 5 msgs on queue, 3513 msgs most on queue

In this example, the logging deny-conn-queue-full command prevents the creation of new transit connections through the FWSM when the logging queue is full. The system log messages currently in the queue are processed by the FWSM in the manner specified by the current logging configuration, such as sending system log messages to e-mail recipients, saving buffer overflows to internal flash memory, and so on. The logging queue does not discard any messages.

The sample output of the show logging queue command shows the following:

Five messages are queued.

The largest number of messages in the queue at one time since the FWSM was last booted was 3513.

One message was discarded.

Even though the queue length was set for unlimited, a message was discarded because no block memory was available to add the message to the queue.

Related Commands

Command
Description

logging queue

Specifies how many system log messages the FWSM can hold in its system log queue before processing them.

show logging queue

Displays system log messages currently in the logging queue.


logging device-id

To configure the FWSM to include a device ID in non-EMBLEM-format system log messages, use the logging device-id command in global configuration mode. To disable the inclusion of a device ID in messages, use the no form of this command.

logging device-id {context-name | hostname | ipaddress interface_name | string text}

no logging device-id {context-name | hostname | ipaddress interface_name | string text}

Syntax Description

context-name

Use the name of the current context as the device ID.

hostname

Use the hostname of the FWSM as the device ID.

ipaddress interface_name

Use as the device ID the IP address of the interface specified as interface_name. If you use the ipaddress keyword, system log messages sent to an external server contain the IP address of the interface specified, regardless of which interface the FWSM uses to send the log data to the external server.

string text

Use as the device ID the characters contained in text, which can be up to 16 characters long. You cannot use white space characters or any of the following characters in text:

&—ampersand

'—single quote

"—double quote

<—less than

>—greater than

?—question mark


Defaults

No default device ID is used in system log messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

If you use the ipaddress keyword, the device ID becomes the specified FWSM interface IP address, regardless of the interface from which the message is sent. This keyword provides a single, consistent device ID for all messages that are sent from the device.

Examples

The following example shows how to specify a device ID of secappl-1 and the output from the show logging command:

hostname(config)# logging device-id secappl1
hostname(config)# show logging
Syslog logging: disabled
Facility: 20
Timestamp logging: disabled
Standby logging: disabled
Console logging: disabled
Monitor logging: disabled
Buffer logging: level informational, 991 messages logged
Trap logging: disabled
History logging: disabled
Device ID: hostname "secappl-1"

In system log messages, the hostname secappl-1 appears at the beginning of the message, such as the following:

secappl-1 %FWSM-5-111008: User 'enable_15' executed the 'logging buffer-size 4096' command.
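
The following Python example is added here and is not part of the Cisco reference: it parses non-EMBLEM messages with an optional device ID prefix, applies the maximum-level rule from the Syntax Description sections, and flags message 111008 entries in which a user changed or cleared logging. It assumes timestamp logging is disabled; the function names are assumptions, and the sample lines other than the two quoted from this page are constructed.

```python
import re

LEVEL_NAMES = ("emergencies", "alerts", "critical", "errors",
               "warnings", "notifications", "informational", "debugging")

# [device-id ]%FWSM-<level>-<message number>: <text>; no timestamp is assumed.
MESSAGE = re.compile(
    r"^(?:(?P<device_id>\S+)\s+)?%FWSM-(?P<level>[0-7])-(?P<msg_id>\d+):\s*(?P<text>.*)$")
# Text of message 111008 as it appears in the example on this page.
EXECUTED = re.compile(
    r"^User '(?P<user>[^']*)' executed the '(?P<command>.*)' command\.$")
# Command prefixes that change or clear the log trail (all named on this page).
LOGGING_COMMANDS = ("logging ", "no logging ", "clear logging ")

SAMPLE = [
    # The first and last lines are quoted from this page; the rest are constructed.
    "secappl-1 %FWSM-5-111008: User 'enable_15' executed the 'logging buffer-size 4096' command.",
    "secappl-1 %FWSM-5-111008: User 'enable_15' executed the 'debug disk filesystem' command.",
    "secappl-1 %FWSM-5-111008: User 'enable_15' executed the 'no logging asdm' command.",
    "secappl-1 %FWSM-5-111008: User 'enable_15' executed the 'clear logging buffer' command.",
    "%FWSM-7-711001: IFS: Read: fd 3, bytes 4096",
]


def level_number(level):
    """Accept a level as 0-7 or as its name and return the number."""
    number = LEVEL_NAMES.index(level) if level in LEVEL_NAMES else int(level)
    if not 0 <= number <= 7:
        raise ValueError(f"invalid logging level: {level!r}")
    return number


def parse_message(line):
    """Split one log line into device_id, level, msg_id and text, or return None."""
    match = MESSAGE.match(line.strip())
    if not match:
        return None
    message = match.groupdict()
    message["level"] = int(message["level"])
    return message


def select(lines, max_level):
    """Messages a destination set to max_level receives: that level and lower numbers."""
    limit = level_number(max_level)
    parsed = (parse_message(line) for line in lines)
    return [m for m in parsed if m and m["level"] <= limit]


def logging_changes(lines):
    """Return (device_id, user, command) for executed commands that alter logging."""
    hits = []
    for message in select(lines, 7):
        if message["msg_id"] != "111008":
            continue
        match = EXECUTED.match(message["text"])
        if match and match.group("command").startswith(LOGGING_COMMANDS):
            hits.append((message["device_id"], match.group("user"),
                         match.group("command")))
    return hits


if __name__ == "__main__":
    for hit in logging_changes(SAMPLE):
        print("logging configuration touched:", hit)
```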

Related Commands

Command
Description

logging enable

Enables logging to all specified output destinations.

show logging

Displays contents of the internal log buffer and the enabled logging options.

show running-config logging

Displays the logging-related portion of the running configuration.


logging emblem

To use the EMBLEM format for system log messages that are sent to output destinations other than a system log server, use the logging emblem command in global configuration mode. To disable the use of the EMBLEM format, use the no form of this command.

logging emblem

no logging emblem

Syntax Description

This command has no arguments or keywords.

Defaults

By default, the FWSM does not use EMBLEM format for system log messages.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

The logging emblem command configures the FWSM to use the EMBLEM format for all messages sent to output destinations other than system log servers; that is, messages sent to one or more e-mail addresses, the internal log buffer, ASDM, a Telnet session, or an SNMP management station use the EMBLEM format. If you also enable the logging timestamp command, the messages also include a timestamp.

To enable EMBLEM-format logging for system log servers, use the format emblem option with the logging host command.

Examples

The following example shows how to enable logging and enable the use of EMBLEM-format for logging to all logging destinations except system log servers:

hostname(config)# logging enable
hostname(config)# logging emblem
hostname(config)# 

Related Commands

Command
Description

logging enable

Enables logging.

show logging

Displays the enabled logging options.

show running-config logging

Displays the logging-related portion of the running configuration.


logging enable

To enable logging for all configured output locations, use the logging enable command in global configuration mode. To disable logging for all configured output locations, use the no form of this command.

logging enable

no logging enable

Syntax Description

This command has no arguments or keywords.

Defaults

Logging is disabled by default.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System

Global configuration


Command History

Release
Modification

3.1(1)

This command was introduced.


Usage Guidelines

The logging enable command lets you enable or disable sending system log messages to all configured log output destinations. You can stop all logging with the no logging enable command.

You can specify destinations where log output should be sent with the following commands:

logging asdm

logging buffered

logging console

logging history

logging mail

logging monitor

logging trap

Examples

The following example shows how to enable logging. The sample output of the show logging command illustrates that each possible logging destination is enabled separately.

hostname(config)# logging enable
hostname(config)# show logging
Syslog logging: enabled
    Facility: 20
    Timestamp logging: disabled
    Standby logging: disabled
    Deny Conn when Queue Full: disabled
    Console logging: disabled
    Monitor logging: disabled
    Buffer logging: disabled
    Trap logging: disabled
    History logging: disabled