Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
145
Views
0
Helpful
4
Replies

send Log ASA to Security Analytics and Logging for Secure Network

401
Level 1
Level 1

‎07-01-2025 06:31 PM


"I've configured syslog forwarding on my Cisco ASA to send logs to Secure Network Analytics, and the ASA's logging configuration is complete. However, I've noticed that the UDP TX counter for this destination is consistently at 3, which suggests logs aren't being sent successfully to Secure Network Analytics. Interestingly, syslogs are being sent to CSM without any issues. What steps should I take to diagnose and resolve this log delivery problem to Secure Network Analytics?"

ASA1111.png


0 Helpful
4 Replies 4

MHM Cisco World
VIP
VIP

‎07-01-2025 07:12 PM

Use Capture for traffic out from outside interface (or interface use to connect to server)
MHM

0 Helpful

401
Level 1
Level 1

‎07-01-2025 08:50 PM

is it necessary to add the ACL "access-list configuration OUTSIDE extended permit udp host <IP_interface_ASA> host <IP_SNA> eq 8514"

0 Helpful

MHM Cisco World
VIP
VIP
In response to 401

‎07-02-2025 01:40 AM

@401 wrote:

is it necessary to add the ACL "access-list configuration OUTSIDE extended permit udp host <IP_interface_ASA> host <IP_SNA> eq 8514"

In capture command you can specify host IP 

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118097-configure-asa-00.html

MHM

0 Helpful

Aref Alsouqi
VIP
VIP
In response to 401

‎07-03-2025 01:24 AM

This is not a transit traffic passing through the firewall, instead it is generated by the firewall itself, so no need for an transit ACL for this to work.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card