Solved

cisco asa5510 question about reports/logging

Posted on 2006-11-29
11
255 Views
Last Modified: 2013-11-16
Is there away or other tool to see where computers are going out on the internet and for how long they browse?
0
Comment
Question by:iceman19330
  • 7
  • 4
11 Comments
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
Not directly with the ASA, but you can either set up a proxy, force all users to go through the proxy and lock all except the proxy from going out the ASA, then use the reporting features of your chosen proxy. Microsoft ISA is pretty good for this...

Setup NTOP on a PC connected to a hub that connects the inside of the ASA to the internal LAN switch (or on a SPAN port of the switch)
http://www.NTOP.org

Pop in an in-line filter appliance like iPrism http://www.stbernard.com/iPrism
0
 

Author Comment

by:iceman19330
Comment Utility
Okay is there a tool reading the logs and generating reports that way?
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
Yes.
Enable logging to an external host, and use Sawmill automated syslog analyzer
http://www.sawmill.net/formats/kiwi_iso.html

Or FireGen
http://www.eventid.net/firegen/
0
 

Author Comment

by:iceman19330
Comment Utility
How do I enable the logging to an external host?
0
 

Author Comment

by:iceman19330
Comment Utility
I think I found it.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
Comment Utility
logging on
logging trap informational
logging host a.b.c.d inside

<8-}

0
 

Author Comment

by:iceman19330
Comment Utility
Nevermind that was something else.
0
 

Author Comment

by:iceman19330
Comment Utility
Result of the command: "logging host 192.168.234.214 inside"

logging host 192.168.234.214 inside
                  ^
ERROR: % Invalid input detected at '^' marker.
0
 

Author Comment

by:iceman19330
Comment Utility
Here is a funny thing I ran the commands, but then when it failed I exited the screen and went around.  At some point it stopped accepting connections, I went back and changed a small setting and applied and it started working again, this has happened before where I have set something via CLI and had to check on syntax or something like that and gotten out and the system has stopped accepting connections?  I know its not part of the question but any thoughts?
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
My bad..
syntax =
logging host inside 192.168.234.214

Been a long day.....
0
 

Author Comment

by:iceman19330
Comment Utility
No problem, been a long week for me.  TGIF.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now