Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
245
Views
0
Helpful
1
Replies

IOS Zone Based Firewall URLvisited logging

Tony_S
Level 1
Level 1

‎03-31-2024 07:42 AM

Hello, for reasons of compliance we are required to syslog URL visited.

With the config below (not full) I am able to see the IP visited, and this only for http.

Is there a way to syslog the http and https URLs ?

parameter-map type urlf-glob PERMITTEDSITES
pattern *

class-map type urlfilter match-any BLOCKEDSITES
match server-domain urlf-glob BLOCKEDSITES
class-map type inspect match-any HTTP

class-map type inspect match-any INSIDE-TO-OUTSIDE-CLASS
match access-group name INSIDE-TO-OUTSIDE

policy-map type inspect urlfilter CONTENT-FILTERING
class type urlfilter BLOCKEDSITES
log
allow
class type urlfilter PERMITTEDSITES
allow
log
policy-map type inspect INSIDE-TO-OUTSIDE-POLICY
class type inspect HTTP
inspect
service-policy urlfilter CONTENT-FILTERING
class type inspect HTTPS
inspect
class type inspect DNS
inspect
class class-default
pass

Which produces logs of the type:

<190>2719: *Mar 31 13:35:11.239: %URLF-6-SITE_ALLOWED: (target:class)-(IN-TO-OUT:HTTP):Client 10.XXX.XXX.237:63774 accessed server 146.75.118.172:80

Thanks in advance.

 

0 Helpful
1 Reply 1

MHM Cisco World
VIP
VIP

‎04-01-2024 10:57 AM

There is command ""alert"" check it

MHM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card