• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 735
  • Last Modified:

Capturing Web Traffic on a CISCO ASA 5520

good day everyone,

we have a cisco ASA 5520 which has syslog capabilites but i do not see where i can monitor websites our users are hitting, is there any way to get this done via the ASDM or with a third-party application that works with the ASA device or is inexpensive or open source? thank you all.

GL137
0
GridLock137
Asked:
GridLock137
  • 2
  • 2
1 Solution
 
MikeKaneCommented:
If you turn on http inspection, the normal syslog will capture the URL requests.    

Example:
Sample URL Log
The following is an example of a URL logging syslog message:
192.168.69.71 accessed URL 10.0.0.1/secrets.gif

You can change the class inspection to include http if needed.   Just follow this doc to do so:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008085283d.shtml
0
 
GridLock137Author Commented:
where is the ASA device manager can i do this?
0
 
MikeKaneCommented:
Its in CONFIGURATION -> FIREWALL -> SERVICE POLICY RULES  

Here's a doc that explains how to do it.  ( I wasn't sure about your version, buts its pretty much the same)
http://www.cisco.com/en/US/docs/security/asdm/6_1/user/guide/inspctrl.html#wp1142285
0
 
GridLock137Author Commented:
thank you.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now