Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Set alert for ASA login

Guys,

Is there any option in ASA to set alerts such as email whenever somebody login to ASA through telnet, ssh or asdm?

How can I set this alert system?

1 ACCEPTED SOLUTION

Accepted Solutions
Super Bronze

Re: Set alert for ASA login

Hi,

At its very basic I would imagine you could need something like this

smtp-server

logging list LOGIN message 113012

logging list LOGIN message 113015

logging list LOGIN message 605004

logging list LOGIN message 605005

logging from-address

logging recipient-address level informational

logging mail LOGIN

The above configuration should send emails from succesfull and unsuccesfull logins.

This is something that I just quickly tested and there would probably be some other log messages IDs that could be added to the list LOGIN.

Do notice when you configure a  "logging mail LOGIN" this will mean that only the Syslog IDs mentioned in the list LOGIN will be sent to the email. I would recomend that you always use a list here and not just some logging level. Using a logging level instead of a specified list of Syslog IDs might generate a large amount of log messages sent and cause problems.

- Jouni

2 REPLIES
Super Bronze

Re: Set alert for ASA login

Hi,

At its very basic I would imagine you could need something like this

smtp-server

logging list LOGIN message 113012

logging list LOGIN message 113015

logging list LOGIN message 605004

logging list LOGIN message 605005

logging from-address

logging recipient-address level informational

logging mail LOGIN

The above configuration should send emails from succesfull and unsuccesfull logins.

This is something that I just quickly tested and there would probably be some other log messages IDs that could be added to the list LOGIN.

Do notice when you configure a  "logging mail LOGIN" this will mean that only the Syslog IDs mentioned in the list LOGIN will be sent to the email. I would recomend that you always use a list here and not just some logging level. Using a logging level instead of a specified list of Syslog IDs might generate a large amount of log messages sent and cause problems.

- Jouni

New Member

Set alert for ASA login

Hi Jouni,

Thanks very much. That is working great. But it was not reporting ASDM login. But I have found the solution.

logging list LOGIN message 606001

143
Views
0
Helpful
2
Replies