asked on

Cisco ASDM on ASA appliance

We are having trouble with spam being sent from our network. I figure it's a spam bot somewhere so I wanted to log all outbound traffic on the firewall.

I set up some access rules to only allow outbound traffic on port 25 from our mailserver.

I've attached a screenshot that shows that in less than an half hour there were 14,624 hits against the ACL.

I want to review this log but when I right click on it an click "show log" the window is empty.
I've attached a screenshot. How do I log this?

I've made sure that logging is enable and email filtering is on.

I've attached screenshots of all of this. Hopefully my question is clear enough. Thanks for you help.
Capture.JPG
blankLogWindow.JPG
logginEnabled.JPG
emailFilter.JPG

ASKER CERTIFIED SOLUTION

sharjeel ashraf

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

sharjeel ashraf

sorry forget to mention i have used kiwi syslog before for these sorts of problems and it works perfectly fine. although with kiwi you do have to sit and watch the screen, also from the main screen you can check what services and being used and what are the main IP's sending the data and where they are being recieved from.

David11011

ASKER

Ok, I'm in the process of setting up a syslog server. But if the logs are showing up asdm are they going to show up on the syslog server? Is there something else I need to do with my logging configuration on the router?

David11011

ASKER

the syslog server is what I was looking for. I decided to use Tftpd64 as the syslog server. It's really lightweight and does the job. Thank for your help