Solved

Capturing Web Traffic on a CISCO ASA 5520

Posted on 2010-11-18
4
710 Views
Last Modified: 2012-08-13
good day everyone,

we have a cisco ASA 5520 which has syslog capabilites but i do not see where i can monitor websites our users are hitting, is there any way to get this done via the ASDM or with a third-party application that works with the ASA device or is inexpensive or open source? thank you all.

GL137
0
Comment
Question by:GridLock137
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 34165478
If you turn on http inspection, the normal syslog will capture the URL requests.    

Example:
Sample URL Log
The following is an example of a URL logging syslog message:
192.168.69.71 accessed URL 10.0.0.1/secrets.gif

You can change the class inspection to include http if needed.   Just follow this doc to do so:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008085283d.shtml
0
 
LVL 7

Author Comment

by:GridLock137
ID: 34166194
where is the ASA device manager can i do this?
0
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 34166685
Its in CONFIGURATION -> FIREWALL -> SERVICE POLICY RULES  

Here's a doc that explains how to do it.  ( I wasn't sure about your version, buts its pretty much the same)
http://www.cisco.com/en/US/docs/security/asdm/6_1/user/guide/inspctrl.html#wp1142285
0
 
LVL 7

Author Closing Comment

by:GridLock137
ID: 34167330
thank you.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question