Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Capture of ASDM sessions on ASAs?

I have TACACS enabled on a number of ASAs, and make use of the accounting data as triggers for various events. Alas, this facility seems much less complete than on switches and routers, as one item I'm interested in trapping is the 'end' of an ASDM session. While 'starts' are captured, there seems to be nothing to signal a 'stop' (i.e. 'disc-cause' or similar.)

I'm trying to find an alternate method of capturing this (recognizing that an RFF would be the proper approach), though even that seems a challenge: I haven't yet come across any SNMP pollable MIB to identify what sessions exist, nor have I seen that any traps are available.

The CLI 'show asdm sessions' produces the target list, while using this method feels even more clunky than having to poll a MIB/look for a trap/log, etc.

Can anyone corroborate that this is the only alternative, or have I overlooked something in the MIBs?

  • Other Security Subjects