You have issued the logging enable command on an ASA with the default configuration.
Which of the following statements is true regarding the syslog messages that will be generated on this ASA by
default? (Select the best answer.)
A.
The ASA will generate syslog messages that include a date.
B.
The ASA will generate syslog messages that include a time.
C.
The ASA will not generate syslog messages with a severity of 0.
D.
The ASA will not generate syslog messages with a severity of 7.
E.
The ASA will send syslog messages to only the console.
Explanation:
A Cisco Adaptive Security Appliance (ASA) with a default configuration and logging enabled will not generate
system log (syslog) messages with a severity of 0. This value correlates with the severity of the event that
caused the message to be generated? higher values indicate a less severe event. Level 0 is an emergency
severity level and denotes that the system is unusable. Although an ASA will not generate syslog messages
with a severity level of 0, severity level 0 is supported on the ASA to ensure compatibility with the UNIX syslog
feature. The following table lists the syslog severity levels that can be generated by an ASA:
When an ASA is configured to direct syslog messages to a specific output location, it will include all messages
with a severity level value less than or equal to the severity level value configured for that particular location. For
example, if an ASA is configured to output syslog messages with a severity of 7 to the console, the ASA will
also output syslog messages with a severity less than 7 to the console. Therefore, the higher the severity level
configured on the ASA, the more syslog messages generated and transmitted to the configured logging
destinations.
An ASA with a default configuration and logging enabled will not send syslog messages to only the console.
Although syslog messages for all supported severity levels are generated once logging has been enabled, they
are not directed to a destination until an output location has been configured on the ASA. Syslog messages can
be directed to several different locations, including the ASA’s console port? a syslog server? a Simple NetworkManagement Protocol (SNMP) server? an email address? or a remote session, such as a Telnet session, a
Secure Shell (SSH) session, or a Cisco Adaptive Security Device Manager (ASDM) session. When configuring
a target location for syslog messages, you must also specify the severity level for the syslog messages that
should be directed to the target location. Because directing syslog messages to the console can degrade
system performance, Cisco recommends configuring the internal buffer as a destination for syslog messages
and then using the show logging command to manually view the buffered messages.
An ASA with a default configuration and logging enabled will not generate syslog messages that include a date
or time. Although the timestamp is not included by default, you can configure the syslog to include a timestamp
by issuing the logging timestamp command. In addition, you can configure the syslog to include a device ID by
issuing the logging deviceid command. The syntax for the logging deviceid command is logging deviceid
[contextname | hostname | ipaddress interfacename | string text].Cisco: Configuring Logging: Severity Levels
