Cisco ASA

Logs Collected

The Cisco ASA log information is sent over the syslog protocol and from that point the BindPlane Logs Agent listens on a port to collect that information and sends it to Google Stackdriver Logging. Below are examples of the logs that are collected and sent to Google Stackdriver Logging.

1878

Cisco ASA Log with a Severity Level of ERROR

1878

Cisco ASA Log with a Severity Level of INFO

1882

Cisco ASA Log with a Severity Level of NOTICE

1880

Cisco ASA Log with a Severity Level of WARN

Log Collection Setup

Pre-requisites

Follow the steps to Configure Syslog for ASA.

🚧

Add Timestamps to Syslogs

For proper functionality, timestamps need to be enabled for ASA syslogs
To learn how, please read Add Timestamps to Syslog.

Configure a Cisco ASA Log Source

  1. Install the BindPlane Log Agent on the host system.
  2. Login to BindPlane and select the Logs tab.
284

Logs Tab

  1. Select the Sources tab.
249

Sources Tab

  1. In the top-right portion of the screen, click on the Add Source Configuration button
576

Add Source Configuration Button

  1. Choose Cisco ASA
  2. Fill out the IP address to listen for and the port to listen on
866

Cisco ASA Log Configuration Form