CISCO ADAPTIVE SECURITY APPLIANCE (ASA)

Instructions for forwarding Cisco Adaptive Security Appliance logs to your Log Management device

PREREQUISITES

Adaptive Security Appliance (ASA) or Next Generation Firewall (NGFW)
  • The IP Address for the ASA
  • Credentials to access the privileged mode for the ASA
  • Secure Shell (SSH) access configured on the ASA
Clone Systems Log Management Device
  • The IP Address for the Clone Systems Log Management device
Instructions

1.Open a command prompt and SSH into the Cisco ASA using a tool like PuTTY.

2. Get to privileged mode on the Cisco ASA and enter the password.

  • Cisco_ASA> enable
  • Password: ************

3. Execute a configuration command from the terminal to get into global configuration mode.

  • Cisco_ASA# config t

4. To log system messages and debug output to the Clone Systems Log Management device, use the logging host command in global configuration mode.

  • Cisco_ASA (config)# logging host {log collector local interface on ASA} { IP Address of Clone Systems Log collector }
  • EXAMPLE: Cisco_ASA(config)# logging host inside 10.1.1.1

5. Exit global configuration mode.

  • Cisco_ASA (config)# exit

6. Save the configuration changes to NVRAM.

  • Cisco_ASA# copy run start

7. Log off the Cisco ASA.

  • Cisco_ASA# exit