Cisco ASA Firewall
This Quick Start Guide provides log configuration details for SMA support: Cisco ASA SMA using FTP hosting (Linux).
Support Specifications:
Version: Cisco ASA 5.2 - 5.6
Configuration Prerequisites:
Prerequisite | Description | For additional details... |
---|---|---|
1. Access to Oracle Management Cloud | You must have an Oracle Cloud account containing an OMC instance with administrator privileges. | How Do I Access Oracle Management Cloud? in Managing and Monitoring Oracle Cloud |
2. The FTP Server configured with default settings | The FTP server is your log host (OMC entity), where log sources upload and store logs. | See FTP Server documentation provided by your vendor. |
3. Cloud agent(s) installed and Log Analytics licensing enabled | Have a Cloud Agent installed on the FTP server. This host will be discovered as an entity in OMC. | Install the Cloud Agent and Enable Oracle Log Analytics in Using Log Analytics Environment Requirements in Installing and Managing Oracle Management Cloud Agents |
4. Security Monitoring and Analytics licensing enabled | Note that SMA Data Enrichment is disabled by default. | Enabling Automatic Log Analytics and Security Monitoring and Analytics Data Collection in Getting Started with Oracle Management Cloud |
Configuration Steps:
Cisco ASA Firewall data config. | Task requirements | For additional details, see... |
---|---|---|
STEP 1. - Configure your Cisco ASA firewall to upload logs to your FTP server (OMC entity). | - | Configuring System Message Logging in Catalyst 3750-X and 3560-X Switch Software Configuration Guide |
STEP 2. - Add an Entity Association to support the new logs in OMC using Log Analytics. | Associate Cisco ASA Logs with your OMC entity (the FTP server where you installed the OMC agent).
Note: the File Name Pattern (directory) parameter must match with your FTP server. |
Security Device Sources Associating Entities to Existing Log Sources in Using Oracle Log Analytics |
STEP 3. - Validate your log collection. | Confirm your setup was successful. | Validate Log Collections |