Re: See all incoming traffic on ASA

abtt-39 · ‎10-18-2023

Hello,

On my ASA, I see the logs from ASDM, in notification mode, but I only see the accesses appearing in deny.
ACLs authorize all HTTP/HTTPS traffic to our proxy server. How can I see not only traffic incoming refused, but also everything that is authorized?

#sh run log

logging enable
logging timestamp
no logging hide username
logging list FailErrors level errors class ha
logging asdm-buffer-size 500
logging trap notifications
logging asdm notifications
logging facility 21

From Real time Log viewer, I tried to change the Logging level to "informational", but it's the same

balaji.bandi · ‎10-18-2023

try below should work ( still not working - post ASA verison and show logging )

logging buffered informational
logging trap notifications
logging asdm informational

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎10-18-2023

I Send you message check it

Marvin Rhoads · ‎10-18-2023

Agree with @balaji.bandi 's post. The logging buffered informational and logging asdm informational should give you messages for each and every new tcp connection through the ASA to your server.

MHM Cisco World · ‎10-19-2023

He mention that he use informational and still see same

abtt-39 · ‎10-19-2023

Hello,

In fact, I had modified from asdm/real time log.
I made the modification from the cli by entering logging asdm informational, now I can see, the rest. I see buit and teardown.

Now I will try to interpret all of this. I was asked to check if I saw specific external IP arrived. but no, I don't see it using filters.

Thanks

balaji.bandi · ‎10-19-2023

Not sure i understand the comment, you mean to say now you see the Logs ?

ASDM is bit buggy some times.

i would click Filter and apply what required to work as expected some times.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help