Integrating with Cisco ASA Firewall

Use the Command Line

Please log into the Cisco ASA firewall using the command-line interface. Start by entering the command below.

logging enable
logging host <interface_name> <sensor_ip> udp
logging permit-hostdown
logging timestamp
logging device-id hostname
no logging emblem

Tip: (If logging is enabled and you do not see any traffic
check the logging buffered setting. It may need to be
adjusted to "logging buffered informational".)

Note: Emblem log format should be disabled.

The <interface_name> argument specifies the interface through which you access the Blumira sensor. The sensor_ip argument specifies the IP address of the Blumira sensor.

Note: Your ACL definitions must have a log tag associated with them or they will not log out traffic matches associated with them. See Cisco’s Configuring Logs for Access Lists.

This document provides information on how to configure syslog on the Cisco Adaptive Security Appliance (ASA) by using the Adaptive Security Device Manager (ASDM) graphical user interface.

If you are still not receiving logs from the Cisco ASA, Please ensure that Logging Filters for Syslog Server are configured to send “Severity: Informational” and that Emblem formatting is disabled.

Cisco Logging FIlter Configuration

Cisco Logging Filter Severity