Cisco ASA: a very expensive machine that generates syslogs at line rate, and occasionally lets you firewall and do site-to-site VPNs


really, you absolutely NEED to turn off logging for messages 302013, 302014, 302016 (unless you're in the unenviable position of having to debug TCP/UDP connection setup).

Otherwise, it logs *every* connection setup and teardown, and it's very easy to miss the VPN logs you really want.

· · Web · 1 · 0 · 0

Speaking of logs... Splunk is great for historical log search, but the exact WRONG tool to do real-time debugging because I can't scroll the log in anywhere near real-time. So I had to send a copy of the ASA logs to an actual syslog machine.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!