Setting ASA syslog setting to information - ok?

Unanswered Question
May 2nd, 2008

I need to audit inbound connections to our ASA. It seems the only way is to set the Syslog settings on the ASA to informational, is this okfor the ASA? or very resourceful?

Worst thing is we only need to be notified when a server webserver gets access, so is there a better way?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smahbub Thu, 05/08/2008 - 07:36

syslog is meant for giving hints to the user or administrator about the problem or failures happend or going to happen as warning through error messages.Webserver access can also be checked throughj syslog.Refer the following url for more details on syslog:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#capturevpn

To create a logging list to use in other commands to specify messages by various criteria (logging level, event class, and message IDs), use the logging list command in global configuration mode. To remove the list, use the no form of this command.

refer the url below for more info on "logging list":

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/l2.html#wp1731873

Actions

This Discussion