Solved

Is it possible to use syslog traps to send url requests to a syslog server on a Cisco ASA?

Posted on 2008-06-12
2
624 Views
Last Modified: 2013-11-16
Does anyone know if it is possible to send URL requests that pass through a Cisco ASA Firewall to a syslog server?  I didn't want to get a content filter device, I'm just wanted to log.

I know that it is possible to send URL requests to a WEBSENSE or N2H2 server, but we don't have one of those, all we want is a log of requests and the source IP requesting.  

We do NOT have any special licensing on the ASA.  

0
Comment
Question by:jkeegan123
2 Comments
 
LVL 6

Accepted Solution

by:
clearacid earned 250 total points
ID: 21775308
I don't think this is possible (for the url piece).  You are able to track down via destination IP though.

Alternatively you could use NTOP (www.ntop.org) open source software to track netflows that would automatically do the reverse lookup for you into domain names.  You could also use something like dansguardian open source web content filter and put it in passive mode (if you really don't want content filtering) to track the URLs.
0
 
LVL 7

Expert Comment

by:naughton
ID: 21776342
websense isn't an expensive option, and it really does work well -
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now