It is necessary to configure a Cisco device to send logs to a syslog-ng server.
Do the following on the Cisco device:
1. Under Configuration -> Properties -> Logging, do the following:
a. Logging Setup: Select enable logging.
b. Logging Filters: For both Syslog Servers and ASDM, set Filter On Severity to Informational.
c. Syslog Servers: Add the syslog-ng server.
2. In the Cisco device's security policy, do the following:
a. For each rule that needs to be logged, select enable logging.
b. Set the logging level to Warnings or lower; otherwise, traffic logs will be sent to the syslog-ng server only if this is a "deny" rule.