Cisco ASA Firewall

This Quick Start Guide provides log configuration details for SMA support: Cisco ASA SMA using FTP hosting (Linux).

Support Specifications:

Version: Cisco ASA 5.2 - 5.6

Configuration Prerequisites:

Prerequisite	Description	For additional details...
1. Access to Oracle Management Cloud	You must have an Oracle Cloud account containing an OMC instance with administrator privileges.	How Do I Access Oracle Management Cloud? in Managing and Monitoring Oracle Cloud About Roles and Users
2. The FTP Server configured with default settings	The FTP server is your log host (OMC entity), where log sources upload and store logs.	See FTP Server documentation provided by your vendor.
3. Cloud agent(s) installed and Log Analytics licensing enabled	Have a Cloud Agent installed on the FTP server. This host will be discovered as an entity in OMC.	Install the Cloud Agent and Enable Oracle Log Analytics in Using Log Analytics Environment Requirements in Installing and Managing Oracle Management Cloud Agents
4. Security Monitoring and Analytics licensing enabled	Note that SMA Data Enrichment is disabled by default.	Enabling Automatic Log Analytics and Security Monitoring and Analytics Data Collection in Getting Started with Oracle Management Cloud

Configuration Steps:

Cisco ASA Firewall data config.	Task requirements	For additional details, see...
STEP 1. - Configure your Cisco ASA firewall to upload logs to your FTP server (OMC entity).	-	Configuring System Message Logging in Catalyst 3750-X and 3560-X Switch Software Configuration Guide
STEP 2. - Add an Entity Association to support the new logs in OMC using Log Analytics.	Associate Cisco ASA Logs with your OMC entity (the FTP server where you installed the OMC agent). Note: the File Name Pattern (directory) parameter must match with your FTP server.	Security Device Sources Associating Entities to Existing Log Sources in Using Oracle Log Analytics
STEP 3. - Validate your log collection.	Confirm your setup was successful.	Validate Log Collections