cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2345
Views
0
Helpful
2
Replies

ASA 8 admin login/logout syslog msg

draganskundric
Level 1
Level 1

Is it possible to configure ASA to generate syslog msg when admin user log in and log out=

br

2 Replies 2

Hi,

Yes, the ASA will log when a user/admin logs in/out

Check this example, I am connecting via SSH with my admin user fcoto:

%ASA-6-113012: AAA user authentication Successful : local database : user = fcoto
%ASA-6-113008: AAA transaction status ACCEPT : user = fcoto
%ASA-6-611101: User authentication succeeded: Uname: fcoto
%ASA-6-611101: User authentication succeeded: Uname: fcoto
%ASA-6-605005: Login permitted from x.x.x.x/2826 to outside:y.y.y.y/ssh for user "fcoto"

Then, as soon as I enter privilege mode, I change privilege and got this message:

%ASA-5-502103: User priv level changed: Uname: enable_15 From: 1 To: 15

The above logs you can configure them to just get them, or you will see them as part of the logs (depending on the severity level that you configure).

You can choose to just see some logs, to change the severity of these messages, to send them to a syslog server, etc.

Federico.

Hello,

Can you provide the cmds?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: