Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5093
Views
0
Helpful
1
Replies

ASA - log successful and failed logons to syslog server?

Andy White
Participant
Participant

‎02-17-2012 01:20 AM - edited ‎03-11-2019 03:31 PM

Hello,

How can I log successful and failed SSH and ADSM logons to our syslog server?

Thanks

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Jouni Forss
Mentor
Mentor

‎02-17-2012 02:05 AM

Hi,

I haven't really touched the default logging configurations much but some firewalls that I manage have "logging trap informational" which sends messages of users connecting to the firewall.

The messages shows which username was used and if it was rejected or accepted. These messages all seem to be of the "informational" / "level 6" syslog messages.

The syslog IDs for them are:

ASA-6-113008

ASA-6-113012

ASA-6-113015

Though these messages only show information about the AAA not which type of connection was used (I tried both SSH and ASDM to see)

I'm sure there are more messages that will show additional information about the connection and also what the logged user did on the firewall during the management connection.

- Jouni

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents