Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 218
  • Last Modified:

Logging access to servers / hosts through the ASA or 2620XM

Hello

I have an ASA5510 box and a Cisco 2620XM router.
I have a bunch of servers behind these devices.
I need to keep a log of who is connecting to what port. i.e.


source / date-time / port / destination

and keep at least 60 days worth of logs.

Is there an easy way of doing this either on the PIX or the Router?
0
eggster34
Asked:
eggster34
1 Solution
 
lrmooreCommented:
You can log all connections through the ASA by enabling logging to an external syslog host and log "informational" level
It can generate 1Gb+ log files daily if you're not careful. Watch the logs and diable certain message #'s that are not required to be maintained (i.e. icmp requests, netbios packets ignored, etc)
Archive the log file daily (most syslog servers can do this automatically), and move the archives to a disk drive that gets backed up regularly.
Done.

http://www.kiwisyslog.com
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now