Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1877
Views
0
Helpful
3
Replies

Audit : Configuration Change on ASA

manjeet_s1
Level 1
Level 1

‎05-26-2016 04:26 PM - edited ‎03-12-2019 12:48 AM

Hello Cisco Team,

How  we can check on the Cisco ASA that what changes has been done recently by someone?

Labels:
0 Helpful
3 Replies 3

Kornelia Gutierrez
Level 1
Level 1

‎05-26-2016 05:03 PM

It can be done if you have accounting enabled and exported to a server

0 Helpful

Karsten Iwen
VIP
VIP

‎05-26-2016 11:01 PM

There are three typical ways to achieve that:

  1. By sending the audit-data as log-messages to a syslog-server.
  2. Using AAA-command accounting with a TACACS server like the Cisco ISE
  3. Monitoring config-activity on the ASA which triggers a tool like RANCID that logs in to the ASA, loads the config and compares this new config with the last stored one.
0 Helpful

Tagir Temirgaliyev
Spotlight
Spotlight

‎05-29-2016 12:20 PM

in addition to Karsten

you can make python or perl script which will load the config and compare this new config with the last stored one

this is usefull if you have hundreds of routers and firewalls, and you compare not only config but also for examle ios version

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card