Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1263
Views
0
Helpful
1
Replies

ASA syslog traffic

cesseltine
Level 1
Level 1

‎12-19-2019 08:30 AM

I work with LogRhythm and I am trying to filter out logs that did not get through the ASA firewall.  I see logs with the following message ID: 302013 Connection Built, 302015 Built UDP Connection, 302016 Connection Teardown,  Some of the 302016 logs show 0 duration with data listed, but if I do a search I do not see a traffic allow.  Do the three events I listed show traffic got through the ASA or is it safe to filter them out.

 

Thank You

 

Chris

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎12-19-2019 09:12 PM

I would recommend reviewing the guide below that will give you details about each type of syslog message generated on the ASA:

https://www.cisco.com/c/en/us/td/docs/security/asa/syslog/b_syslog.html

Thank you for rating helpful posts!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card