Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6496
Views
0
Helpful
1
Replies

ASA - log successful and failed logons to syslog server?

Andy White
Level 3
Level 3

‎02-17-2012 01:20 AM - edited ‎03-11-2019 03:31 PM

Hello,

How can I log successful and failed SSH and ADSM logons to our syslog server?

Thanks

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎02-17-2012 02:05 AM

Hi,

I haven't really touched the default logging configurations much but some firewalls that I manage have "logging trap informational" which sends messages of users connecting to the firewall.

The messages shows which username was used and if it was rejected or accepted. These messages all seem to be of the "informational" / "level 6" syslog messages.

The syslog IDs for them are:

ASA-6-113008

ASA-6-113012

ASA-6-113015

Though these messages only show information about the AAA not which type of connection was used (I tried both SSH and ASDM to see)

I'm sure there are more messages that will show additional information about the connection and also what the logged user did on the firewall during the management connection.

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card