VPN Connections

Unanswered Question

You can configure the ASA to send syslogs, that indicate which users logon and which time from which IP address.

A good feature packed syslog server is "syslog-ng" which runs on Linux. If you want windows - then KiwiSyslog is good, plenty of features, but if you just want logging & search capabilites without buying it , it's ideal.


login username information can be found in:-

"debug" level, messages


TCP/UDP connection information per user can be found in:-

"info" level, messages

6-302013, 6-302014

Sadly both debug, and info levels do send high amount of traffic, but if you have bought KiwiSyslog - you can filter and save disk space!


Never actually done it before, but looking at the command line something like:-

logging list test-log-filter message 715046

logging list test-log-filter message 715047

logging list test-log-filter message 715075

logging list test-log-filter message 715036

logging list test-log-filter level Debugging class auth

I think you will have to play with it, someother netpro's might have done this before....or you could see if there is a way to do it from the asdm?


mitchen Tue, 09/02/2008 - 06:44

I'd be interested in knowing a solution to this too if anyone else has any ideas?

(Have tried the suggestion above but it doesn't seem to be doing it for me although hopefully its along the right lines and maybe just some further tweaking is required?)



This Discussion