You need to log in to create posts and topics.

Cisco ASA Syslog

Do you have any examples on collecting Cisco ASA syslogs?

Here is a pretty thorough guide on how to do it. 

Some modifications will be needed for sure, but the same approach should still apply:

1) Create a logstash instance and use this guide to inform your configuration. A key difference being that your logstash output would point to your Vizion Elastic App instead of creating an ES instance from scratch. The logstash filter may have to be adjusted to precisely fit what you're getting from your logs, but I would imagine it will be largely the same.

2) Make a stdout from Cisco ASA Syslog that points to the logstash instance.

If you haven't setup logstash and connected it to Vizion Elastic, I can work on writing up a guide for that.

I have not setup logstash yet on our Cisco ASA's yet.   It would be great to have a guide for that.   I've seen others but no any specific.  This is very exciting information.   Thank you.

Full disclosure.   I'm pretty new to the subject.  What do you think of this video?


Thanks for sharing that video! I think it's well done and gives a good overview of what Logstash does. After watching, does Logstash seem like the right tool for your needs?Please let me know about your progress and I hope to be able to help with any issues you may run into.

Doug - there is new reference material to create a dashboard for Cisco ASA in Elasticsearch and we can use that to send this data to

We can help you configure this if you would like.