07-12-2012 02:04 PM - edited 03-11-2019 04:30 PM
I can monitor site-to-site connections and user VPNs with no problem. I can't seem to monitor my firewall/rules real time. I want to filter on certain addresses. I have a 5520. Any help is appreciated.
Thanks,
Charlie
07-13-2012 07:42 AM
You can monitor them in real time if you enable logging via syslog. There you can use tail/grep or whatever fits your needs.
Sent from Cisco Technical Support iPad App
07-15-2012 09:51 PM
Hi Bro
What Karsten Iwen said is true. You'll need to enable logging in your Cisco ASA Firewall, and you'll be able to view your Firewall rules in real time (provided there's the keyword "log" at the end of the rule sentence).
The example shown below is about viewing your Firewall rules in real time via the console (Firewall buffer):
FW1# show run logging
logging enable
logging timestamp
logging list TEST1 message 106100
logging buffered TEST1
logging device-id hostname
Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.17(2678) -> outside/172.29.209.144(139) hit-cnt 1 first hit [0xd9e2aa06, 0x0]
Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.12(2539) -> outside/172.29.209.144(445) hit-cnt 1 first hit [0xd9e2aa06, 0x0]
Please help to rate the comments provided, if you find it useful :-)
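An added example, not part of the original thread: a small filter for the %ASA-6-106100 lines shown above that keeps only hits whose source or destination falls in a watched address or subnet, which plain grep cannot do for CIDR ranges. It assumes the ASA's syslog output is piped in on stdin (for example from tail -f on a syslog server file); the function names and the third sample line are constructed for illustration.

```python
import ipaddress
import re
import sys

# Field layout taken from the 106100 lines quoted in the post above.
LINE_RE = re.compile(
    r"%ASA-\d-106100: access-list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\S+) (?P<src_if>[^/\s]+)/(?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst_if>[^/\s]+)/(?P<dst>[\d.]+)\((?P<dport>\d+)\) hit-cnt (?P<hits>\d+)"
)

def parse_106100(line):
    """Return the fields of a 106100 message as a dict, or None for any other line."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "hits"):
        rec[key] = int(rec[key])
    return rec

def filter_hits(lines, watch):
    """Yield parsed ACL hits whose source or destination is in any watched network."""
    nets = [ipaddress.ip_network(w, strict=False) for w in watch]
    for line in lines:
        rec = parse_106100(line)
        if rec is None:
            continue  # not an ACL hit message, skip it
        src = ipaddress.ip_address(rec["src"])
        dst = ipaddress.ip_address(rec["dst"])
        if any(src in n or dst in n for n in nets):
            yield rec

# First two lines are the ones quoted in the post; the third is constructed.
SAMPLE = [
    "Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.17(2678) -> outside/172.29.209.144(139) hit-cnt 1 first hit [0xd9e2aa06, 0x0]",
    "Jul 16 2012 12:46:13 FW1 : %ASA-6-106100: access-list inside permitted tcp inside/172.29.26.12(2539) -> outside/172.29.209.144(445) hit-cnt 1 first hit [0xd9e2aa06, 0x0]",
    "Jul 16 2012 12:46:14 FW1 : %ASA-6-106100: access-list inside denied udp inside/192.0.2.10(5000) -> outside/198.51.100.5(53) hit-cnt 1 first hit [0x0, 0x0]",
]

if __name__ == "__main__":
    # Usage: tail -f <syslog file> | python3 this_script.py 172.29.26.0/24
    watch = sys.argv[1:] or ["172.29.26.17"]
    source = SAMPLE if sys.stdin.isatty() else sys.stdin
    for r in filter_hits(source, watch):
        print(f'{r["action"]:9} {r["proto"]} {r["src"]}:{r["sport"]} -> '
              f'{r["dst"]}:{r["dport"]} acl={r["acl"]}', flush=True)
```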