About System Log Activity

When you set up a new rule, you can specify how often and at what severity level you want to collect its activity. To do this, you can select the corresponding severity levels and then choose the frequency of data collection. This will ensure that you have the necessary information to monitor and analyze the activity generated by your rules.

Note

ASA does not generate syslog messages with a severity level of zero (emergencies).

You have the option to adjust the logging interval, which indicates how frequently the log records are updated. This interval is measured in seconds and can be set from 1 to 600. By default, the interval is set to 300 seconds. This interval value is also utilized as a timeout period for removing an inactive flow from the cache that collects drop statistics.

Log Rule Activity

Security Level

Description

emergencies

System is unusable.

alert

Immediate action is needed.

critical

Critical conditions.

error

Error conditions.

warning

Warning conditions.

notification

Normal but significant conditions.

informational

Informational messages only.

debugging

Debugging messages only.