User guide

ManualsBrandsMSI ManualsHome building and DecorSupero CSE-M35S

221

222

223

224

225

226

227

228

229

230

ManageEngine Firewall Analyzer :: User Guide

220

Zoho Corp.

interface_name

is the interface on the ASA Firewall whose logs need to be

analyzed (for example: "inside" or "outside").

syslog_ip

is the IP address of the syslog server (i.e. Firewall Analyzer), to

which the Firewall should send the Syslogs.

udp/<syslog_port>

indicates that logs will be sent using the UDP protocol, to the

configured syslog port on the syslog server. If left blank, logs will

be sent to the default UDP port 514.

hostname

firewall's host name (defined with the

hostname

configuration

command)

ipaddress

interface_name

the IP address of a specific firewall interface named

interface_name

(for example: "inside" or "outside")

string text

an arbitrary text string (up to 16 characters)

context-name

in PIX 7.x or FWSM 2.x operating in multiple-context mode, the

name of the firewall context can also be sent.

For more information, refer the Cisco PIX documentation.

Configuring Cisco ASA Versions using ASDM

Enable Logging

Carry out the steps given below:

• Load the ASDM

• Select Configuration > Device Management > Logging > Logging Setup

• Select Enable Logging

• Select Logging > Logging Filters

• Choose the syslog-servers as Informational

• Select Logging > Logging Filters > Syslog servers

• Click Add

• Enter the IP address and choose the appropriate interface and ensure that you

choose UDP and enter the port number

• Select Logging > Syslog Setup

• Select 'Include time stamp in syslogs' option and scroll down to ensure the

syslog ID's 302013, 302014,302015,302016 are in enabled state and the

logging level is set to Informational

Disable Logging

You can disable specific syslog IDs based on your requirement.

Note: By selecting the check mark for the Include timestamp in syslogs option, you can

add the date and time that they were generated as a field to the syslogs.

• Select the syslogs to disable and click Edit.

• From the Edit Syslog ID Settings window, select the Disable messages

option and click OK.

• The disabled syslogs can be viewed in a separate tab by selecting Disabled

syslog IDs from the Syslog ID Setup drop-down menu.

For more information, refer the Cisco PIX documentation.