Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
203
Views
0
Helpful
1
Replies

asa loggin vpn access

battanc
Level 1
Level 1

‎05-09-2014 06:25 AM

hi all,

I have a client who wants to trace all logon / logoff events on the VPN client. 
The LOG of the ASA is very verbose and it becomes difficult to identify interesting events inside.

Does anyone know if there is some post-processing software that can extract the "interesting" data and generate a periodic report?

Best regargs

Claudio

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-09-2014 06:54 AM

You can identify the logon and logoff syslog entries (e.g. 611101 and 611103 (click for details) are a good start) and create a logging message list that only includes them. You then send the syslog messages to an external server using the logging trap <message list> option. The Configuration Guide covers these options here.

The external server could be a commercial syslog product (e.g. Kiwi syslog server) or a simple Linux host running rsyslogd. The commercial products will have the nice things like being able to create and email reports. The Linux option will have a simple text file that you can review.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents