ASA monitoring

cbily · ‎07-12-2012

I can monitor site-to-site connections and user VPNs with no problem. I can't seem to monitor my firewall/rules real time. I want to filter on certain addresses. I have a 5520. Any help is appreciated.

Thanks,

Charlie

Karsten Iwen · ‎07-13-2012

you can monitor them in realtime if you enable logging via syslog. There you can use tail/grep or whatever fits your needs.

Sent from Cisco Technical Support iPad App

Ramraj Sivagnanam Sivajanam · ‎07-15-2012

Hi Bro

That's true what has been said by Karsten Iwen. You'll need to enable logging in your Cisco ASA Firewall, and you'll be able to view your Firewall rules real time (provided there's the keyword "log" at the end of the rule sentence).

The example shown below is about viewing your Firewall rules real time via the console (Firewall buffer);

FW1# show run logging
logging enable
logging timestamp
logging list TEST1 message 106100
logging buffered TEST1
logging device-id hostname

Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.17(2678) -> outside/172.29.209.144(139) hit-cnt 1 first hit [0xd9e2aa06, 0x0]
Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.12(2539) -> outside/172.29.209.144(445) hit-cnt 1 first hit [0xd9e2aa06, 0x0]

Please help to rate the comments provided, if you find it useful :-)

Warm regards,
Ramraj Sivagnanam Sivajanam