?
Solved

cisco ASA syslog issue

Posted on 2014-01-27
5
Medium Priority
?
668 Views
Last Modified: 2014-02-17
Hi,

 can we get history of users logged into cisco ASA including login period & logout time both

With out syslog server , can we see the history  in a firewall..
Is there any commands to see or any logging related configuration..?

regards
Ram
0
Comment
Question by:RAMU CH
  • 2
  • 2
5 Comments
 
LVL 58

Expert Comment

by:Pete Long
ID: 39811595
Ram

This is usually a feature of AAA rather than syslog?


Pete
0
 
LVL 8

Accepted Solution

by:
amatson78 earned 2000 total points
ID: 39812440
The ASA does not have a long term log, anything including AAA and others. The default buffer for logging (Configuration > Device Management > Logging > Logging Setup is 4096 bytes. You can also save the buffer to FTP or email or send it via Syslog. This is the best way.

For the login messages you will want to look for any login messages in the logs such as below which depending on your syslog can be searched:

Logging
0
 
LVL 1

Author Comment

by:RAMU CH
ID: 39814491
Is there any free syslog toools available in internet market..

How about Kiwi?


1.What should be the system details generally required to store Log data in a server?

2. What should be the configuration for only monitoring for Login and logout sessions instead every traffic to prevent  server gets  overloaded?


Regards
Ramu
0
 
LVL 8

Expert Comment

by:amatson78
ID: 39816421
I use Splunk which is a free SIEM product that accepts syslog. Easy to search through and make custom filters. As far as system specs depends on the product. Configuration is all done via the Cisco ASA, you can enable what features you want to log and what you don't.
0
 
LVL 1

Author Closing Comment

by:RAMU CH
ID: 39864510
Tks
0

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…
Suggested Courses
Course of the Month3 days, 23 hours left to enroll

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question