We currently run ASA 5520s at our CO, and our Production Controls Manager is looking for an easy way to view the ASA logs for certain users' activity and also for external IPs hitting our outside interface. I am not very knowledgeable when it comes to different industry standard/accepted solutions for logging, so that's why I am here.
I know ASDM has a monitoring tab but I would prefer not to give him access into the ASA directly unless someone in the community knows how to give this access with a set of commands that will lock him out of everything else or if there is a standalone app from ASDM that just shows monitoring/logging info. The other issue with ASDM is the monitoring will most likely be real time or only a few days back and not historical.
Another option is exporting them to an FTP server which I am fine with doing but I feel he will have an issue going through them all to find the information he needs.
We do have a SolarWinds server but I don't know how to get the Cisco logs to show up in the GUI so he can read them from a webpage.
I am sure there are other ways to achieve this but these are the only few that came to mind right off the bat given our environment. Does anyone have a place I can look or a suggestion on an easy way to do this? I am sure it can all depend on the environment, but our Production Controls team isn't looking for too much, just a small bit of information.
Log level 4 is most useful for errors and warnings. If they want to see every connection being established, you will need to move up to the much more verbose level 6.
The manager can then just refer to SolarWinds' syslog viewer for a source of all the syslog data. It's easy to sort by time period, interesting message string, etc. You can optionally set actions from the SolarWinds console (via RDP) for selected syslog messages.
You can set SolarWinds to keep data for a fixed period or by how big the database grows.
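An added example, not part of the original thread: a Python sketch of what the level 4 versus level 6 choice described above means when looking for external IPs on the outside interface, using the severity embedded in each `%ASA-<level>-<id>` tag. The log lines are constructed samples in ASA syslog format (documentation-range addresses), and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in Cisco ASA syslog format; not real traffic.
SAMPLE = """\
Mar 03 10:15:01 asa1 %ASA-4-106023: Deny tcp src outside:203.0.113.9/40112 dst inside:10.0.0.5/22 by access-group "outside_in" [0x0, 0x0]
Mar 03 10:15:02 asa1 %ASA-6-302013: Built inbound TCP connection 1001 for outside:198.51.100.7/51544 (198.51.100.7/51544) to inside:10.0.0.5/443 (192.0.2.10/443)
Mar 03 10:15:04 asa1 %ASA-4-106023: Deny udp src outside:203.0.113.9/5353 dst inside:10.0.0.8/161 by access-group "outside_in" [0x0, 0x0]
Mar 03 10:15:05 asa1 %ASA-6-302013: Built outbound TCP connection 1002 for outside:192.0.2.80/443 (192.0.2.80/443) to inside:10.0.0.21/50311 (192.0.2.10/50311)
Mar 03 10:15:09 asa1 %ASA-6-302014: Teardown TCP connection 1001 for outside:198.51.100.7/51544 to inside:10.0.0.5/443 duration 0:00:07 bytes 4312 TCP FINs
"""

# %ASA-<severity>-<message id>: <text>
TAG = re.compile(r"%ASA-(?P<sev>[0-7])-(?P<id>\d{6}): (?P<text>.*)")
# ACL denies sourced from the outside interface (port is absent for ICMP).
DENY = re.compile(r"Deny \S+ src outside:(?P<ip>[\d.]+)(?:/\d+)?")
# Connections opened from the outside toward an internal host.
BUILT_IN = re.compile(r"Built inbound \S+ connection \d+ for outside:(?P<ip>[\d.]+)/\d+")


def parse(line):
    """Return severity, message id and outside source IP (if any) for one line."""
    m = TAG.search(line)
    if not m:
        return None
    text = m["text"]
    deny, built = DENY.match(text), BUILT_IN.match(text)
    hit = deny or built
    return {
        "severity": int(m["sev"]),
        "msg_id": m["id"],
        "kind": "deny" if deny else "built" if built else None,
        "outside_src": hit["ip"] if hit else None,
    }


def outside_hits(lines, trap_level):
    """Count outside source IPs among messages visible at the given log level."""
    counts = Counter()
    for line in lines:
        rec = parse(line)
        # A level setting passes messages whose severity number is <= that level.
        if rec and rec["outside_src"] and rec["severity"] <= trap_level:
            counts[(rec["outside_src"], rec["kind"])] += 1
    return counts


if __name__ == "__main__":
    for level in (4, 6):
        print(level, dict(outside_hits(SAMPLE.splitlines(), level)))
```

At level 4 only the denied attempts appear; the permitted inbound connection shows up only once the level is raised to 6.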