cisco ASA syslog issue

Hi,

 can we get history of users logged into cisco ASA including login period & logout time both

With out syslog server , can we see the history  in a firewall..
Is there any commands to see or any logging related configuration..?

regards
Ram
LVL 1
RAMU CHAsked:
Who is Participating?
 
amatson78Connect With a Mentor Sr. Security EngineerCommented:
The ASA does not have a long term log, anything including AAA and others. The default buffer for logging (Configuration > Device Management > Logging > Logging Setup is 4096 bytes. You can also save the buffer to FTP or email or send it via Syslog. This is the best way.

For the login messages you will want to look for any login messages in the logs such as below which depending on your syslog can be searched:

Logging
0
 
Pete LongTechnical ConsultantCommented:
Ram

This is usually a feature of AAA rather than syslog?


Pete
0
 
RAMU CHAuthor Commented:
Is there any free syslog toools available in internet market..

How about Kiwi?


1.What should be the system details generally required to store Log data in a server?

2. What should be the configuration for only monitoring for Login and logout sessions instead every traffic to prevent  server gets  overloaded?


Regards
Ramu
0
 
amatson78Sr. Security EngineerCommented:
I use Splunk which is a free SIEM product that accepts syslog. Easy to search through and make custom filters. As far as system specs depends on the product. Configuration is all done via the Cisco ASA, you can enable what features you want to log and what you don't.
0
 
RAMU CHAuthor Commented:
Tks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.