07-07-2021 11:05 AM
Hello.
i have an ASA 5516 firewall where i have configured some access rules to filter traffic, i want to log packets that match an access-list statement with the log keyword, the logs need to be sent to a syslog server but i only need to send logs for the access-list and not all logging, i notice there is a class option on the on the logging command that filters the logs but am not sure which option to use for logging access-list hits. Below is a what i get from the ASA:
NBS-BT-DC-ASA5516-PRODUCTION(config)# logging trap notifications class ?
configure mode commands/options:
auth User Authentication
bridge Transparent Firewall
ca PKI Certificate Authority
citrix Citrix Client
config Command Interface
csd Secure Desktop
cts Cisco TrustSec
dap Dynamic Access Policy
eigrp EIGRP Routing
ha Failover
ids Intrusion Detection System
ip IP Stack
ipaa IP Address Assignment
np Network Processor
ospf OSPF Routing
rip RIP Routing
rm Resource Manager
rule-engine Rule Engine
session User Session
snmp SNMP
ssl SSL stack
svc SSL VPN Client
sys System
tag-switching Service Tag Switching
vm VLAN Mapping
vpdn PPTP and L2TP session
vpn IKE and IPSec
vpnc VPN client
vpnfo VPN Failover
vpnlb VPN Load Balancing
webfo WebVPN Failover
webvpn WebVPN client
NBS-BT-DC-ASA5516-PRODUCTION(config)#
NBS-BT-DC-ASA5516-PRODUCTION(config)# sh access-list | i any any
access-list OUT line 28 extended permit ip any any log
Which option do i use?
Regards.
Solved! Go to Solution.
07-07-2021 11:15 AM - edited 07-07-2021 11:16 AM
how about enable Logg messages :
logging enable
logging timestamp
logging list syslogmsg message 106100
logging trap syslogmsg
logging host x.x.x.x
reference document :
07-07-2021 11:15 AM - edited 07-07-2021 11:16 AM
how about enable Logg messages :
logging enable
logging timestamp
logging list syslogmsg message 106100
logging trap syslogmsg
logging host x.x.x.x
reference document :
07-07-2021 01:03 PM
Hello Balaji.
This is very helpful, exactly what i was look for, thanks for the quick response.
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide