ASA Firewall Preventive Maintenance

Anonymous KH
Anonymous KH used Ask the Experts™
on
Dear Experts,

I need to do preventive maintenance for an ASA Firewall 5506.

I only know of the following commands:

1. show inventory
2. show version
3. show interface
4. show cpu usage
5. show traffic
6. show perfmon
7. show blocks
8. show memory
9. show xlate count / show xlate
10. show conn count / show local-host
11. show processes

Is there a command to show logs? where it shows if the interface is up or down or if there are errors, failures or warnings like cisco switches?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
The only real "Maintenance" you need to do on one of these is to ensure you have a recent backup of the configuration, and a copy of the firmware.
Anonymous KHIT Engineer

Author

Commented:
Is there a command to export out the logs of the firewall?
Yep, but by default logging will not be set up, and hence there will not actually be any logs to export.

Probably a better way is to use Syslog. Grab a free syslog server from the net, install it on an internal server, then configure the ASA to send logs to that.  

More explanation here: https://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/63884-config-asa-00.html

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial