Das Syslog auf der Cisco ASA ist sehr geschwätzig und viele Nachrichten sind für das nachvollziehen von Verbindungen nicht notwendig.
Cisco Syslog Messages ASA: http://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog.html
Folgende Syslog Typen lassen sich problemlos deaktivieren:
no logging message 302012 | Error Message %ASA-6-302012: Pre-allocate H225 Call Signalling Connection for faddr IP_address /port to laddr IP_address |
no logging message 302013 | Error Message%ASA-6-302013: Built {inbound|outbound} TCP connection_id for interface :real-address /real-port (mapped-address/mapped-port ) [(idfw_user )] to interface :real-address /real-port (mapped-address/mapped-port ) [(idfw_user )] [(user )] |
no logging message 302014 | Error Message %ASA-6-302014: Teardown TCP connection id for interface :real-address /real-port [(idfw_user )] to interface :real-address /real-port [(idfw_user )] duration hh:mm:ss bytes bytes [reason ] [(user )] |
no logging message 302015 | Error Message %ASA-6-302015: Built {inbound|outbound} UDP connection number for interface_name :real_address /real_port (mapped_address /mapped_port ) [(idfw_user )] to interface_name :real_address /real_port (mapped_address /mapped_port )[(idfw_user )] [(user )] |
no logging message 302016 | Error Message %ASA-6-302016: Teardown UDP connection number for interface :real-address /real-port [(idfw_user )] to interface :real-address /real-port [(idfw_user )] duration hh :mm :ss bytes bytes [(user )] |
no logging message 302020 | Error Message %ASA-6-302020: Built {in | out} bound ICMP connection for faddr {faddr | icmp_seq_num } [(idfw_user )] gaddr {gaddr | cmp_type } laddr laddr [(idfw_user )] type {type } code {code } |
no logging message 302021 | Error Message %ASA-6-302021: Teardown ICMP connection for faddr {faddr | icmp_seq_num } [(idfw_user )] gaddr {gaddr | cmp_type } laddr laddr [(idfw_user )] (981) type {type } code {code } |
no logging message 305011 | Error Message %ASA-6-305011: Built {dynamic|static} {TCP|UDP|ICMP} translation from interface_name :real_address/real_port [(idfw_user )] to interface_name :mapped_address/mapped_port |
no logging message 305012 | Error Message %ASA-6-305012: Teardown {dynamic|static} {TCP|UDP|ICMP} translation from interface_name [(acl-name )]:real_address /{real_port |real_ICMP_ID } [(idfw_user )] to interface_name :mapped_address /{mapped_port |mapped_ICMP_ID } duration time |
Optional: | |
no logging message 302017 | Error Message %ASA-6-302017: Built {inbound|outbound} GRE connection id from interface :real_address (translated_address ) [(idfw_user )] to interface :real_address /real_cid (translated_address /translated_cid ) [(idfw_user )] [(user ) |
no logging message 302018 | Error Message %ASA-6-302018: Teardown GRE connection id from interface :real_address (translated_address ) [(idfw_user )] to interface :real_address /real_cid (translated_address /translated_cid ) [(idfw_user )] duration hh :mm :ss bytes bytes [(user )] |
Config:
no logging message 302012 no logging message 302013 no logging message 302014 no logging message 302015 no logging message 302016 no logging message 302020 no logging message 302021 no logging message 305011 no logging message 305012 ! Optional no logging message 302017 no logging message 302018