Cisco ASA - View real-time incoming connections using ASDM

Using the ASDM real time log viewer, all I see are outbound connections.  Is there anyway to view incoming connections?

I have an internal website using an ACL and NAT.  Logging is enabled for that ACL and I can see Hits on the counter.  If I right click on that ACL and select show log, there is nothing there.  I also tried setting logging on that ACL to debugging and still nothing.  

When looking at the Real-Time Log Viewer all I see are outgoing connections, showing our inside IPs for source and internet IPs for destinations.

Thanks
AlanNetwork AdminAsked:
Who is Participating?
 
btanExec ConsultantCommented:
for real time logging, also need to consider the type of logging set and likely you need a more verbose one like debugging instead of default information only.
 https://supportforums.cisco.com/discussion/11222801/asdm-logging-does-not-appear-correctly

 However, do note even in debugging level, the syslogs do not show individual packets, which is why the above offline or the CLI approach is alternative suggestion. You can do a packet capture on the interface and offline check but it is not real time then. Regardless, you can view the captures from CLI using the "sh capture"or use other s/w like Wireshark to view the export capture (pcap) packets. See below for more info on the steps
 http://www.tunnelsup.com/packet-captures-on-cisco-asa
 https://supportforums.cisco.com/document/6971/packet-capture-asapix-fwsm
0
 
netcmhCommented:
You could also use a Syslog server to capture all that information and view it with all sorts of filters to get granular reporting. There's a whole bunch of free tools - Kiwi, PRTG, etc. We're using AccelOps and we think it's great.
0
 
AlanNetwork AdminAuthor Commented:
So I guess at this time it can't be done.  Closest I can get it using the packet capture wizard and at the end just keep hitting get capture buffer.  Thanks btan for the links provided.  Your last one looks to be 6 years old and images don't show.  Below is a more concurrent one for anyone else looking.

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118097-configure-asa-00.html

I'm not sure how to close or mark a question answered that didn't really get what I was looking for.

Thanks
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
btanExec ConsultantCommented:
thanks for sharing, the pcap capture is still the safe bet and not real time. in fact, most are doing that for in depth analysis offline. Similar to this post which means long time it has exist and till now not much diff ..
http://ipfield.net/2013/06/asa-packet-capture-using-cli-and-asdm-config-example/

Another area that I was thinking s netflow but then it is not real time too..
0
 
AlanNetwork AdminAuthor Commented:
Included my own post since I provided a more up to date link.
0
 
btanExec ConsultantCommented:
thanks for sharing
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.