10-08-2008 02:25 PM - edited 03-11-2019 06:55 AM
Is there a way to log full URI information from the ASA? We are losing our proxy servers and I need a way to continue to collect full URIs with parameters.
Thanks,
Dale
10-08-2008 05:01 PM
logging on
logging timestamp
logging host inside x.x.x.x
logging trap 6
now you will see full URL on the syslog
server.
Easy right?
10-08-2008 05:57 PM
Sounds easy...that will show all URI information, including parameters that might be sent? With all the other things included at trap 6, is that going to be too much logging for an ASA on a busy 200 Mbps synchronous Internet connection and DMZ servers that are accessed from the inside network too?
10-08-2008 06:14 PM
"Sounds easy...that will show all URI information, including parameters that might be sent? With all the other things included at trap 6,"
The answer is YES. However, you can reduce
the level of logging by disabling all the
craps that comes with level 6 with "no
logging message xxxxx". Read the mannual
and it will show you. URL logging on the
ASA will show you like http://www.playboy.com/playmatedec2008/carol,down to the image level. Very detailed log
on the ASA.
"is that going to be too much logging for an ASA on a busy 200 Mbps synchronous Internet connection and DMZ servers that are accessed from the inside network too".
I can NOT answer that question because
I do not know your traffics patterns. I
use Checkpoint Secureplatform NGx R65 running on an IBM Server X-3650, dual processors quad-core 3.16Ghz with 4GB RAM
and I push about 900Mbps throughput with
about 100,000 connections without any isssues.
I would guess an ASA 5520 with 200Mbps
traffics should not be an issue.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: