Cisco ASA Audit Event: 105516

105516: Incomplete read of header of message from peer unit

Cisco ASA is a security device that provides the combined capabilities of a firewall, an antivirus, and an intrusion prevention system. It also facilitates virtual private network (VPN) connections. It helps to detect threats and stop attacks before they spread through the network.

Message: %ASA-3-105516: (Primary|Secondary) Incomplete read of message header of message_name message from peer unit peer-ip: bytes bytes read of expected header_length header bytes.

Event 105516 is generated when the header of a message from the peer unit is incompletely read.The name of the message, the IP address of the peer unit, the number of bytes read, and the length of the message header are specified in the message.

How could you resolve this situation?

If the error was not caused by the failure of the peer unit, collect details about the events leading up to the error and contact Cisco TAC. The IP address of the peer unit, the number of bytes read, and the length of the message header are specified in the message.

Cisco ASA Auditing Tool

EventLog Analyzer is a comprehensive log management software with which you can centrally collect, analyze, and manage logs from all the different log sources in your network. You also get reports and alerts on your network security, making it a power-packed IT security tool.