ASA log exception
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-24-2012 09:14 AM - edited 03-11-2019 03:57 PM
Hi,
How can i except log generation some ip address on ASA.
I want to filter for generation syslog message for spesific IP address on ASA.
Thanks.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2012 02:42 AM
Do you have any idea this case?
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2012 05:48 AM
yes you can capture for a perticular host and ip
you have to define access-list for that
as instance if you want capture icmp logfor the host 192.168.2.115
then
first make a access-list
access-list 101 permit icmp host 192.168.2.115 any
then
you have too attach this access-list with capture commend
capture (capture name like newcap) newcap access-list 101 interface (interface name like inside,outside,or dmz1) inside
then the commend is
capture newcap access-list 101 interface inside
then if you ping your inside interface then asa will capture this log
then you can see the log by sh capture (capture name)
sh capture newcap
tell us if it is help you
