Cisco Cisco ASA 5510 Adaptive Security Appliance Fehlerbehebungsanleitung
Output of show logging queue
With a configuration such as the above, where multiple destinations are receiving large amounts of log
messages, you can run into a situation where the ASA drops syslog messages due to an overflow of the
logging queue. In such cases, the output will appear similar to this:
messages, you can run into a situation where the ASA drops syslog messages due to an overflow of the
logging queue. In such cases, the output will appear similar to this:
ciscoasa# show logging queue
Logging Queue length limit : 512 msg(s)
2352325 msg(s) discarded due to queue overflow
0 msg(s) discarded due to memory allocation failure
Current 512 msg on queue, 512 msgs most on queue
By default, the logging queue holds 512 messages.
Common Problems
When running into issues where syslog messages are not being recorded, consider these options:
Disable console logging. Logging in to the console should not be enabled for normal operation.
Console logging should be used only for real−time troubleshooting, with either low logging level or
low traffic. Logging in to the console at a high rate will cause the logging process to severely
rate−limit the messages. The console is only capable of logging messages at 9600 bps, and it does not
take a of logs before it starts trying to dump more to the console than the console can output to the
screen. In this situation, the logs will start to be buffered in the logging queue. Once the logging
queue fills up, messages will be tail−dropped.
Console logging should be used only for real−time troubleshooting, with either low logging level or
low traffic. Logging in to the console at a high rate will cause the logging process to severely
rate−limit the messages. The console is only capable of logging messages at 9600 bps, and it does not
take a of logs before it starts trying to dump more to the console than the console can output to the
screen. In this situation, the logs will start to be buffered in the logging queue. Once the logging
queue fills up, messages will be tail−dropped.
•
Increase the size of the logging queue beyond 512. The maximum logging queue is 1024 on the
ASA−5505, 2048 on the ASA−5510, and 8192 on all other platforms. Note: The logging queue is
used for "bursts" of syslogs. If the sustained rate of syslogs is faster than the ASA can transmit them
to the various destinations, no logging queue limit will be large enough.
ASA−5505, 2048 on the ASA−5510, and 8192 on all other platforms. Note: The logging queue is
used for "bursts" of syslogs. If the sustained rate of syslogs is faster than the ASA can transmit them
to the various destinations, no logging queue limit will be large enough.
•
Disable individual syslog messages that you are not interested in archiving. Issue the no logging
message <syslog_id> command in order to disable individual syslogs.
message <syslog_id> command in order to disable individual syslogs.
•
Be careful of logging messages to the disk (flash) of the ASA. Writing to the flash is a very slow
operation. Excessive logging to flash will cause the ASA to buffer the syslog files up in memory,
eventually depleting all available memory (RAM). Additionally, logging large amounts of syslog
messages to flash may elevate the CPU. It is recommended to only log Level 1 messages to flash
(which cover critical system events).
operation. Excessive logging to flash will cause the ASA to buffer the syslog files up in memory,
eventually depleting all available memory (RAM). Additionally, logging large amounts of syslog
messages to flash may elevate the CPU. It is recommended to only log Level 1 messages to flash
(which cover critical system events).
•
Related Information
Technical Support & Documentation − Cisco Systems
•
Contacts & Feedback | Help | Site Map
© 2014 − 2015 Cisco Systems, Inc. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks of
Cisco Systems, Inc.
© 2014 − 2015 Cisco Systems, Inc. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks of
Cisco Systems, Inc.
Updated: Jul 20, 2012
Document ID: 113603