Log full URIs including parameters

Unanswered Question
Oct 8th, 2008

Is there a way to log full URI information from the ASA? We are losing our proxy servers and I need a way to continue to collect full URIs with parameters.

Thanks,

Dale

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
cisco24x7 Wed, 10/08/2008 - 17:01

logging on

logging timestamp

logging host inside x.x.x.x

logging trap 6

now you will see full URL on the syslog

server.

Easy right?

drountree Wed, 10/08/2008 - 17:57

Sounds easy...that will show all URI information, including parameters that might be sent? With all the other things included at trap 6, is that going to be too much logging for an ASA on a busy 200 Mbps synchronous Internet connection and DMZ servers that are accessed from the inside network too?

cisco24x7 Wed, 10/08/2008 - 18:14

"Sounds easy...that will show all URI information, including parameters that might be sent? With all the other things included at trap 6,"

The answer is YES. However, you can reduce

the level of logging by disabling all the

craps that comes with level 6 with "no

logging message xxxxx". Read the mannual

and it will show you. URL logging on the

ASA will show you like http://www.playboy.com/playmatedec2008/carol,down to the image level. Very detailed log

on the ASA.

"is that going to be too much logging for an ASA on a busy 200 Mbps synchronous Internet connection and DMZ servers that are accessed from the inside network too".

I can NOT answer that question because

I do not know your traffics patterns. I

use Checkpoint Secureplatform NGx R65 running on an IBM Server X-3650, dual processors quad-core 3.16Ghz with 4GB RAM

and I push about 900Mbps throughput with

about 100,000 connections without any isssues.

I would guess an ASA 5520 with 200Mbps

traffics should not be an issue.

Actions

This Discussion