While reviewing the ASA logs in relation to a large wireless metering project in WA, i came across a number of log entries that were just there (hundreds of thousands of them), so here’s how to disable them:
%ASA-6-302013: Built inbound TCP connection……
%ASA-6-302013: Built inbound TCP connection…..
%ASA-6-302015: Built outbound UDP connection…..
%ASA-6-302014: Teardown TCP connection…….
%ASA-6-302013: Built inbound TCP connection ………
%ASA-6-302020: Built outbound ICMP connection………
%ASA-6-302013: Built inbound TCP connection……
To exclude these types of log messages from being recorded. Simply login to the CLI and type the following:
ASA#config t
ASA(config)#no logging message 302016
Each log message has a syslog-id which is the 6 digit number. If there are additional types of logs you want to block, simply repeat the command above for each syslog-id. Link to the massive list of syslog-id messages and their descriptions:
http://www.cisco.com/c/en/us/td/docs/security/asa/syslog-guide/syslogs/logmsgs.html
And the command reference:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/command/reference/cmd_ref/l2.html#wp1773284
MystaJoneS 