Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How can I monitor bandwidth usage with a new Cisco ASA 5510

Posted on 2008-06-24
18
Medium Priority
?
22,645 Views
Last Modified: 2012-05-05
Does anyone know of a nice, easy, cheap method of monitoring bandwidth usage on an ASA 5510?  I just put it in to replace an old Sonicwall.  The one thing I liked about the Sonicwall is that I could see statistics for the amount of data sent\received over a specific connection between internal IP and external IP.  I was then able to go back and see what that person was doing to slam the bandwidth, (usually streaming music).  Now when I see a bandwidth spike, I am not sure how to track it back to see where the traffic is coming\going.
0
Comment
Question by:thelink12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
  • 4
  • +1
18 Comments
 
LVL 14

Expert Comment

by:agriesser
ID: 21858107
I use `sh conn` on the console, copy the output to Excel and sort it according to my needs to see who uses my bandwidth. But that's not the best solution, I guess.
0
 

Author Comment

by:thelink12
ID: 21858135
How do you get the data into Excel?
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21858248
Connect via SSH, telnet, console, ... to your ASA, issue `sh conn`, mark all the data that's reported by the command and paste it into a notepad or Wordpad. Save the file as .txt, now start excel, click "File" -> "Open", choose the .txt file and when the data import wizard starts, choose space as delimiter for the data.

Make sure to format all cells as "Text" before attempting to insert the data into excel, otherwise IP address will be converted to dates, etc.

BTW: Openoffice Calc asks for the delimiter settings when pasting the data directly into the spreadsheet.
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21858668
Have you tried going to the ADSM? At the dashboard page, you can see top talkers.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21858882
Do you mean the homescreen with "dashboard"? If so, I can't see the top talkers there, I can only see tons of syslog messages running down the screen, but that's nothing useful.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859013
If you are using ADSM 6.0, click on the Home button then click on the Firewall Dashboard. You should see a pie chart on the bottom right.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21859045
Oh, ok, I do only have ASDM 5.2 on my system as my "ASA" is just an upgraded PIX525...
0
 

Author Comment

by:thelink12
ID: 21859470
I have ASDM 6.0, and the Firewall Dashboard but I am looking for something a little more granular, and something I can use to report on history.  For instance, every so often, the bandwitdh gets slammed.  I would like to be able to quickly see which port\ip address is using all the bandwidth and where they are connecting to via which port.
0
 
LVL 14

Accepted Solution

by:
agriesser earned 2000 total points
ID: 21859533
I don't think that the ASA software is capable of doing something like this...
We installed a central syslog server which takes all the syslogs from our Cisco devices and runs reports on it some time ago, that worked not so bad, but it probably isn't as comfortable as the SonicWalls feature you talked about.
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859557
http://www.plixer.com/products/free-netflow.php

Something you may be able to do is run a newflow server. Above is a free one. ASA doesn't support netflow, but if you have a switch before it (or a router) you might be able to get the data from there.
0
 

Author Comment

by:thelink12
ID: 21859610
Its a small environment, the ASA sits in front of an HP Switch.  I have a Kiwi syslog server collecting the logs from the ASA.  Know of good way to run reports on that?
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21859708
Sorry, I don't know Kiwi. Anyone else, maybe?
0
 
LVL 12

Expert Comment

by:jjmartineziii
ID: 21859916
Me either. All I know is that it collects but thats all I know.
0
 

Author Comment

by:thelink12
ID: 21860141
Any good Syslog servers you can recommend?  Something with good reporting?.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21860174
Well, we used the Cisco syslog server a few years ago for doing this. I don't recall the exact name of the product now.
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21924335
Any updates on this one?
0
 

Author Closing Comment

by:thelink12
ID: 31470253
We ended up using KIWI's syslog and then Sawmill to interpret the data.  THanks for all the help!
0
 

Expert Comment

by:Neil_b
ID: 23793420
What i do is have a router inline with the ASA as i have to report bandwidth over 3 seperate VRF's on a single ASA. The routers then have netflows enabled which i feed into a sensor on the LAN
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question