VPN System Logs

You can enable logging of VPN troubleshoot syslogs for threat defense devices. Logging information can help you identify and isolate network or device configuration problems. When you enable VPN logging, the threat defense devices send VPN syslogs to the management center.

All VPN syslogs appear with a default severity level errors or a higher severity (unless changed). You can manage the VPN logging through threat defense platform settings. You can adjust the message severity level by editing the VPN Logging Settings in the threat defense platform settings policy for targeted devices. See Configure Syslog Logging for Threat Defense Devices for details on enabling VPN logging, configuring syslog servers, and viewing the system logs.

We recommend that you set the logging level of the VPN logs as level 3 (Errors). Setting the VPN logging level to level 4 and above (Warnings, Notifications, Informational or Debugging) could overload the management center.

Note	When you configure a device with site-to-site or remote access VPN, it automatically enables sending VPN syslogs to the management center by default.