Solved

cisco asa5510 question about reports/logging

Posted on 2006-11-29
11
275 Views
Last Modified: 2013-11-16
Is there away or other tool to see where computers are going out on the internet and for how long they browse?
0
Comment
Question by:iceman19330
  • 7
  • 4
11 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 18040071
Not directly with the ASA, but you can either set up a proxy, force all users to go through the proxy and lock all except the proxy from going out the ASA, then use the reporting features of your chosen proxy. Microsoft ISA is pretty good for this...

Setup NTOP on a PC connected to a hub that connects the inside of the ASA to the internal LAN switch (or on a SPAN port of the switch)
http://www.NTOP.org

Pop in an in-line filter appliance like iPrism http://www.stbernard.com/iPrism
0
 

Author Comment

by:iceman19330
ID: 18040154
Okay is there a tool reading the logs and generating reports that way?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18040454
Yes.
Enable logging to an external host, and use Sawmill automated syslog analyzer
http://www.sawmill.net/formats/kiwi_iso.html

Or FireGen
http://www.eventid.net/firegen/
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:iceman19330
ID: 18040485
How do I enable the logging to an external host?
0
 

Author Comment

by:iceman19330
ID: 18040502
I think I found it.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 18040516
logging on
logging trap informational
logging host a.b.c.d inside

<8-}

0
 

Author Comment

by:iceman19330
ID: 18040535
Nevermind that was something else.
0
 

Author Comment

by:iceman19330
ID: 18040605
Result of the command: "logging host 192.168.234.214 inside"

logging host 192.168.234.214 inside
                  ^
ERROR: % Invalid input detected at '^' marker.
0
 

Author Comment

by:iceman19330
ID: 18040628
Here is a funny thing I ran the commands, but then when it failed I exited the screen and went around.  At some point it stopped accepting connections, I went back and changed a small setting and applied and it started working again, this has happened before where I have set something via CLI and had to check on syntax or something like that and gotten out and the system has stopped accepting connections?  I know its not part of the question but any thoughts?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18043020
My bad..
syntax =
logging host inside 192.168.234.214

Been a long day.....
0
 

Author Comment

by:iceman19330
ID: 18055349
No problem, been a long week for me.  TGIF.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question