04-01-2010 02:57 PM
Does the ASA keep logs of SSL connections? If so, can I get history detail and go back as far as 2009?
What about remote access user detail?
Also, I’d like to automate the delivery of that logging information into Splunk. What options do I have?
Thanks,
GLH
Solved! Go to Solution.
04-02-2010 11:17 AM
04-03-2010 10:11 AM
Hello Greg,
In this case or any other case if you find the answer helpful, you can rate the answer by marking the question as correct.
This will also allow everybody else to know the resolution for this particular issue.
Thank you,
Federico.
04-01-2010 03:04 PM
Hi,
The ASA keeps logs of remote access connections.
You can't go back to 2009 unless you keep a syslog server with the log files.
The ASA by default log to its console, you can check them via a terminal session as well.
The ASA can log to its buffer, but there's a limit to the amount of logs, and the ASA will just re-write the old logs with the new ones.
Take a look at this link:
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/monitor_syslog.html
Federico.
04-02-2010 06:39 AM
Thanks Federico for the link and the information. This helps a bunch!
glh
04-02-2010 11:17 AM
Greg,
Don't forget to give Federico a good vote
04-03-2010 09:20 AM
Trippi -
Here is a dumb question how do I give him a vote? I logged in and couldn't
find where to vote.
Thanks,
Greg
04-03-2010 10:11 AM
Hello Greg,
In this case or any other case if you find the answer helpful, you can rate the answer by marking the question as correct.
This will also allow everybody else to know the resolution for this particular issue.
Thank you,
Federico.
04-03-2010 12:20 PM
Got it thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide