Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
826
Views
0
Helpful
3
Replies

Cisco ASA Syslog meesage id for Distributed Denial of Service (DDoS)

shalendra2
Level 1
Level 1

‎02-10-2016 09:51 PM - edited ‎03-12-2019 12:16 AM

Hi Team,

               We want to analyze syslog messages for Distributed Denial of Service (DDoS) attack. Only DoS attack related message ids are there in Syslog message guide.

Please suggest the messages ids for DDoS.

-Shalendra

Labels:
0 Helpful
3 Replies 3

Marius Gunnerud
VIP
VIP

‎02-10-2016 10:25 PM

DoS and DDoS will essentially have the same syslog message ID, DDoS just refers to how the DoS attack is executed.

--

remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

shalendra2
Level 1
Level 1
In response to Marius Gunnerud

‎02-10-2016 11:30 PM

Agree Marius! But i'm looking for specific DDoS message Ids and in message description it should say for DDoS attack only.

-Shalendra

0 Helpful

Marius Gunnerud
VIP
VIP
In response to shalendra2

‎02-11-2016 12:20 AM

As far as I know the ASA does not provide any logs that specifically state DDoS.  If you want this you will need to invest in an IPS and look for matches on signature ID 1493/0.

--

remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card