What to log?

Unanswered Question
Jul 12th, 2007

Hi,

I've never worked with an ASA (5520) before but have managed to get it up and running and have everything configured. Tunnels are running, DMZ is working etc.

I set up a syslog server and what I'm struggling with now is what to log? I find it difficult to get a grip on what classes are important to log for security and usuage purposes. I'm hoping someone can point me in the correct direction and maybe give me some hints on what is important.

Thank you.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
gmarogi Wed, 07/18/2007 - 10:02

Cisco Security Monitoring, Analysis, and Response System (CS-MARS) provides real-time monitoring and incident response capabilities, which enable organizations to get the most value from the advanced inspection services of the Cisco ASA 5500 Series IPS Edition.

Actions

This Discussion