Help with ASA 5505 SYSLOG alerts
We are using Firewall Analyzer to monitor an ASA5505 firewall and I need assistance with creating alerts.
I am not familiar enough with SYSLOG events generated by the device to program the correct alerts and would like some help from an expert in this area.
I am looking for someone who has set this up before, can suggest useful alerts, and is familiar with security related syslog events. For example I'd like to know if/when someone attempts to do a port scan or perhaps IP spoofing.
The firewall does not have IDS or IPS - so specific "attack" messages are not generated but I understand that there should be some warning or error messages generated by other SYSLOG events which we can alarm on.
I will pay for this service - please feel free to email me at eclemens (<at>) gmail.com.
MOD: IF this is an unacceptable post - my apologies.
TIA
I am not familiar enough with SYSLOG events generated by the device to program the correct alerts and would like some help from an expert in this area.
I am looking for someone who has set this up before, can suggest useful alerts, and is familiar with security related syslog events. For example I'd like to know if/when someone attempts to do a port scan or perhaps IP spoofing.
The firewall does not have IDS or IPS - so specific "attack" messages are not generated but I understand that there should be some warning or error messages generated by other SYSLOG events which we can alarm on.
I will pay for this service - please feel free to email me at eclemens (<at>) gmail.com.
MOD: IF this is an unacceptable post - my apologies.
TIA
Topic Participants
eclemens
support+user
New to M365 Manager Plus?
New to M365 Manager Plus?
New to RecoveryManager Plus?
New to RecoveryManager Plus?
New to Exchange Reporter Plus?
New to Exchange Reporter Plus?
New to SharePoint Manager Plus?
New to SharePoint Manager Plus?
New to ADManager Plus?