Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
127
Views
0
Helpful
2
Replies

Cisco ASA User or system password changed

shalendra2
Beginner
Beginner

‎05-11-2015 05:39 AM - edited ‎03-11-2019 10:54 PM

Hi Team,

               What is the syslog message id for User or system password changed event. I have this message %ASA-5-766009: CTS SXP: password changed. I'm not getting user name and who has changed password information.

Any other message do we have?

 

Regards,

Shalendra

 

Labels:
0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame Community Legend Hall of Fame Community Legend
Hall of Fame Community Legend

‎05-11-2015 06:47 PM

The message you cite is specific to CTS SXP (Cisco Trustsec Security Exchange Protocol). It would normally be due to a downstream device being reconfigured to attempt to setup SXP with the ASA (or change an existing SXP setup).

I'm not sure a local user changing their password will cause a syslog event.

0 Helpful

shalendra2
Beginner
Beginner
In response to Marvin Rhoads

‎05-11-2015 10:08 PM

Thanks Marvin, Can you please confirm it.

 

 

Regards,

Shalendra

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents