Firewall Analyzer ADMIN REPORT not working with Cisco ASA
Hi,
I am having problems getting admin reports to work with a cisco ASA.
Build Version :
7.0.0
Build Number :
7000
Service Pack :
SP-7.0
0.0.0.0
unknown
0.0.0.0
unknown
28 Jan 2011, 11:06:55
debug
%asa-config-7-111009: user 'xxxxx' executed cmd: show logging message all
0.0.0.0
unknown
I am not seeing any login success/failure events at all. SSH and ASDM authenticate to local user accounts on the firewall.
I do see some commands in the report but not very many.
If I look at the raw logs I see configuration entries
0.0.0.0
unknown
28 Jan 2011, 11:06:34
debug
%asa-config-7-111009: user 'xxxxxx' executed cmd: show module 1 details
0.0.0.0
mgmt
0.0.0.0
ptambacas
28 Jan 2011, 11:06:34
notification
%asa-config-5-111008: user 'xxxxxxx' executed the 'dir disk0:/dap.xml' command.
0.0.0.0
unknown
0.0.0.0
unknown
28 Jan 2011, 11:06:32
debug
%asa-config-7-111009: user 'xxxxxx' executed cmd: show running-config all class-map
0.0.0.0
unknown
0.0.0.0
unknown
28 Jan 2011, 11:06:32
debug
%asa-config-7-111009: user 'xxxxxx' executed cmd: show running-config all regex
0.0.0.0
unknown
0.0.0.0
unknown
28 Jan 2011, 11:06:32
debug
%asa-config-7-111009: user 'xxxxxx' executed cmd: show curpriv
Is there a way to customize which events the reports log or anything else to check as to why I am not seeing the command issued or any login events?
It looks like the evente I see are 111008 which show up as notifications while 111009 which are debugs do not.
Thanks