Re: URL Logging (Internet Browsing) in ASA

rizwan.corvit · ‎06-17-2011

Hi,

I have Cisco ASA 5520 and want to use any syslog server for logging of URL traffic passing through ASA firewall surffing by coorporate end users. Could any one please share with me how to configure ASA for URL logging on syslog server. so that i can log any user activity with website address with user ip address or hostname logged in syslog server.

Thanks in Advance !

Rizwan Haider Siddiqui

Anu M Chacko · ‎06-17-2011

Hi Rizwan,

Here is how you can do this:

logging trap 7

logging host

logging on

On the syslog server, you will see syslogs with the IP addresses of the source IP and the destination IP.

Please refer to the following link for any doubts:

http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logconf.html#wp1106984

This one walks you through on how to configure syslogging using ASDM.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#steps

Hope this helps!

Regards,

Anu

P.S. Please mark the question as resolved if it has been answered. Do rate helpful posts.

rmavila · ‎06-17-2011

Hi Rizwan,

You can have inspect http enabled on the firewall. This will enable 304001 syslog message which logs the URL accessed. The syslogs can be sent to a server as mentioned in the above post.

--

Rahul

P.S. Please mark the question as resolved if it has been answered. Do rate helpful posts.

rizwan.corvit · ‎06-19-2011

Hello Anu & Rahul for your effective and prompt reply.

let me configure and apply these step for my required functionalitly. In case of any problem i will let you know.

thank you so much.

Rizwan Haider Siddiqui