Logging Abilities for ASA Firewall using the ASA-SSM-20 IPS module.

Answered Question
Jul 6th, 2009
User Badges:

Hi,


Please could someone give some advice on how to get the ASA-SSM-20 to log information to something like Kiwi Syslog services etc. We just need to get the alerts out of the IPS in order to build SMS/email functionality for alerting various response teams.


Thanks

Correct Answer by michael.d.brown... about 8 years 3 weeks ago

unfortantely, no syslog support

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807335ca.shtml


you can configure the rules to send snmp traps and you can pull events using SDEE, IPS Manager Express and Cisco MARS.


if you have logging enabled on the ASA a syslog msg will appear when the IPS is requesting or blocking traffic.


here is a link to the IPS configuration guides

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/tsd_products_support_configure.html

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
michael.d.brown... Mon, 07/06/2009 - 08:57
User Badges:

unfortantely, no syslog support

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807335ca.shtml


you can configure the rules to send snmp traps and you can pull events using SDEE, IPS Manager Express and Cisco MARS.


if you have logging enabled on the ASA a syslog msg will appear when the IPS is requesting or blocking traffic.


here is a link to the IPS configuration guides

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/tsd_products_support_configure.html

Actions

This Discussion