cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

24795
Views
0
Helpful
6
Replies
Highlighted
Beginner

How to get Top Talkers on ASA ?

hi Friends,

We ahave ASA 5510 and 5520 @ our office. We are not using any netflow tools in order to get the talk talklers.

As this firewalls are shared firewall (used by different Projects), we are not able to get , which project is using more traffic and which is less.

Can someone help me out in this ?

Regards

Nirav Bhatt

6 REPLIES 6
Highlighted
Cisco Employee

Hi Nirav,

You can some of the information you are looking for with thread-detection.. On the ASA you can find the top 10 souces, top 10 destination, and most used protocols on the network.

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/user/guide/protect.html#wpxref82650

Luis

Luis Silva
Highlighted

I know this is an old thread, but I'm hoping this will come in handy for anyone doing a search.

All our 5505's and 5510's are on ASA 8.2(5) and didn't get some of the nicer "top 10" features that come with later versions.  I always assumed it was due to the ASA version, but I built an ASA recently on 8.2(5) which has ASDM 7.1(2) on it and the pie charts for top talkers is there now.

I'm in the process of updating all our devices to ASDM 7.1(2) and it's given us a lot more visibility of the network.

Highlighted

That is great! Go for it!

Luis Silva

Luis Silva
Highlighted

Hi Nirav,

If you've got a linux server, you can copy/past the "show conn" command output in a file and just use the awk command   :

cat /tmp/ASA_show_conn_ouput  |awk '{print $9, $1, $3, $5}' |sort -nr | head -10

You will get the TOP10 connexions by nb of bytes.

Vincent


Highlighted

Thanks Vicent, this trick is excellent!.

Highlighted

In "show conn " we have 700k entries, how do i take it over linux machine? 

Content for Community-Ad