This article will walk through the steps to configure Cisco ASA firewalls to send Syslog messages to the RocketAgent Syslog Server
Configure Basic Syslog with ASDM
This procedure demonstrates the ASDM configuration for all available Syslog destinations.
- In order to enable logging on the ASA, first, configure the basic logging parameters. Choose Configuration > Features > Properties > Logging > Logging Setup. Check the Enable logging check box in order to enable Syslog.
- In order to configure an external server as the destination for Syslogs, choose Syslog Servers in Logging and click Add in order to add a Syslog server.
- Choose the Appropriate Interface to send Syslog messages from.
- In the IP Address field, enter the IP address of the RocketAgent Syslog Server.
- Click on UDP
- Enter 514 in the Port field.
- Click Ok
- In order to enable logs to be sent to the RocketAgent Syslog Server, choose Logging Filters in the logging section. This presents you with each possible logging destination and the current level of logs that are sent to those destinations. Choose the Logging Destination for the RocketAgent Syslog Server (Syslog Servers) and click Edit.
- Choose Informational, from the Filter on severity drop-down list. Click OK when you are done.
- Click Apply after you return to the Logging Filters window.