The Cisco ASA 5510 here at work is being decommissioned and I want to find out what users used it alot. I didn't set this thing up myself, but it would be nice to add the same users to the new system by finding out a list of the old users.
Asked
Active
Viewed 1,466 times
1 Answers
2
If you have a month or so, you could use a script to read the log files.
I have a perl script that basic opens the log file and looks for the following
fw.*(Group = NETOPS_TUNNEL). (Username = .*) (authenticated.)
You can then spit the user name out into a variable and count.
I would love to give you the code, but, its tightly integrated into a management toolkit that i wrote.
To push the data to a syslog server you need the following commands.
logging enable
logging timestamp
logging trap errors
logging host inside <syslog host>
logging message 113009 level errors
logging message 113008 level errors
logging message 113014 level errors
logging message 113004 level errors
logging message 713052 level errors
logging message 715019 level errors
The above switches on logging, Logs with a timstamp, sets logging to "error" and then sets where to send the logs
The other statements change the default level of certain log messages that might be usefull for you. (Normally they are not logged at the error level)
Steve
- 342
- 2
- 10
-
Can you tell me where the logs are at on a Cisco ASA? I'd settle for that...I'm guessing I can just connect to it using putty or something like that – leeand00 Feb 05 '13 at 14:35
-
edited my answer – Steve Feb 05 '13 at 14:45