https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113364#M394994 <HTML><HEAD></HEAD><BODY><P> Hello Pawel,</P><P></P><P>I actually I followed the first document you send me and I am still not recieving any SNMP traps from the ASA to my NMS server. Can you please send me the exact commands to verfiy it on my end.</P><P></P><P>Regards,</P><P>Hesham</P></BODY></HTML> Tue, 11 Dec 2012 11:45:47 GMT helsayed78 2012-12-11T11:45:47Z https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113362#M394989 <P>Hi,</P><P></P><P>I am trying to generate and SNMP trap for any configuration changes done on a Cisco ASA , however I am not able to achieve that .... Can anyone help me out ?</P><P></P><P></P><P>Regards,</P><P>Hesham&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </P> Tue, 12 Mar 2019 00:29:36 GMT https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113362#M394989 helsayed78 2019-03-12T00:29:36Z https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113363#M394991 <HTML><HEAD></HEAD><BODY><P>Hi Hesham,</P><P>It depends what kind of information level you want to get. </P><P></P><P>- If you only want know that configuration was changed, but without details about what exact change was done, you can easily use logging to syslog server.</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#maintask1">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#maintask1</A></P><P></P><P>- If you want to know what particular change was done, then you can use TACACS+ accouting on ASA in cooperation with AAA server, e.g. ACS.</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1554939">http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/a1.html#wp1554939</A><SPAN> </SPAN></P><P></P><P>regards,</P><P>Pawel</P></BODY></HTML> Wed, 28 Nov 2012 21:08:53 GMT https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113363#M394991 ptrynisz 2012-11-28T21:08:53Z https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113364#M394994 <HTML><HEAD></HEAD><BODY><P> Hello Pawel,</P><P></P><P>I actually I followed the first document you send me and I am still not recieving any SNMP traps from the ASA to my NMS server. Can you please send me the exact commands to verfiy it on my end.</P><P></P><P>Regards,</P><P>Hesham</P></BODY></HTML> Tue, 11 Dec 2012 11:45:47 GMT https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113364#M394994 helsayed78 2012-12-11T11:45:47Z https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113365#M394995 <HTML><HEAD></HEAD><BODY><P>Hi Hesham,</P><P>The way I provided to you is using Syslog messages rather than SNMP traps. Most of NMS has built in syslog server. Configuration sample below:</P><P></P><P>logging enable</P><P>logging buffered informational&nbsp;&nbsp;&nbsp;&nbsp; ! in fact this one was only used to what exactly is being logged - you can omit it</P><P>logging trap informational</P><P> logging host inside 1.1.1.100</P><P></P><P>Sample of logs while configuration change is done:</P><P></P><P>ciscoasa# show logging</P><P>(...)</P><P>%ASA-5-111008: User 'enable_15' executed the 'configure terminal' command.</P><P>%ASA-5-111008: User 'enable_15' executed the 'interface Ethernet 0/1' command.</P><P>%ASA-5-111008: User 'enable_15' executed the 'description DDD' command.</P><P> %ASA-5-111005: console end configuration: OK</P><P>%ASA-6-302015: Built outbound UDP connection 0 for inside:1.1.1.100/514 (1.1.1.100/514) to NP Identity Ifc:1.1.1.1/514 (1.1.1.1/514)</P><P>(...)</P><P></P><P>captures proving syslog has been sent out to syslog server:</P><P></P><P>ciscoasa# show capture CAPIN</P><P>(...)</P><P>&nbsp; 19: 00:08:34.199345 1.1.1.1.514 &gt; 1.1.1.100.514:&nbsp; udp 71</P><P>&nbsp; 20: 00:08:34.199345 1.1.1.1.514 &gt; 1.1.1.100.514:&nbsp; udp 80</P><P>&nbsp;&nbsp; 21: 00:08:34.679316 1.1.1.1.514 &gt; 1.1.1.100.514:&nbsp; udp 50</P><P></P><P>I hope that helps. If not, just let me know.</P><P></P><P>regards,</P><P>Pawel</P><H1></H1><H1></H1></BODY></HTML> Tue, 11 Dec 2012 18:40:52 GMT https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113365#M394995 ptrynisz 2012-12-11T18:40:52Z https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113366#M394996 <HTML><HEAD></HEAD><BODY><P>Thank you Pawel,</P><P></P><P>Is it possible to use SNMP traps instead since logs are already sent to a syslog server?</P><P></P><P>I am also not able to receive the syslog message that defines a change has occured!</P><P></P><P>Regards,</P><P>Hesham </P></BODY></HTML> Sat, 02 Feb 2013 19:17:10 GMT https://community.cisco.com/t5/network-security/snmp-trap-for-asa/m-p/2113366#M394996 helsayed78 2013-02-02T19:17:10Z