Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

saving cisco VPN logs

Posted on 2011-09-12
3
405 Views
Last Modified: 2012-05-12
I have an ASA 5510 and have 3 VPN tunnels as well as an SSL VPN setup and I also have users connect via the anyconnect client.

I have been told I need to save logs from when people would connect and disconnect, so they can be reviewed if need be.  I figure I can setup a syslog server, but are there individual settings I need to make on the device itself?  Not sure what I would be looking for in the logs.
0
Comment
Question by:Wayside_Tech
3 Comments
 
LVL 18

Accepted Solution

by:
jmeggers earned 250 total points
ID: 36524683
There are several options.  Yes, you do have to configure the ASA with the IP address(es) of the syslog server(s).  Typically, mostly what I see is people changing the level of information that is logged (from level 0 - "emergencies" up to level 7 - "debugging".  Usually I see it set at "informational" which is level 6, but I can't recall if there's a default value that's set.  You can also change severity level for specific messages but I've rarely seen that level of detail in the configuration.

Take a look at the Configuraing Logging chapter in the configuration guide.  http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/monitor_syslog.html

0
 
LVL 33

Expert Comment

by:MikeKane
ID: 36529130
jmeggers gave you the right link....    I'm just going to add that a level 7 debug is not good for daily logging as it produces a LOT of traffic, especially on a busy device.   Level 5 is usually sufficient IMHO.    

For the backend, you can look at LogAnalyzer running with Rsyslog on any Linux host.    Its opensource and a good program... I use it myself.   Kiwi is a good windows alternative that's a paid for model.   I've used that one before also with success.
0
 
LVL 1

Author Comment

by:Wayside_Tech
ID: 36531770
Thanks, I will look into it and see.  Much appreciated.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Telepresence on backup 3 33
Cisco IPSec VPN Connection with Mac only sees Public folder 19 32
adjusting startup config 6 26
VPN problems 4 27
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question