Configure Cisco ASA 5506-X Firewall to Send Syslog Messages to Kiwi Free Syslog Server 9.7.0



Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 20 September 2020 Sunday Singapore Time


Type of Publication: Plain Text


Document Version: 20200920.01


STEPS

=====


1. Launch the Kiwi Free Syslog Server 9.7.0 installer (by SolarWinds) on the Active Directory Domain Controller (Windows Server 2016 Standard).


2. Click "I Agree" on the License Agreement window.


3. Choose "Install Kiwi Syslog Server as a Service". Click Next.


4. Install the Service using: The LocalSystem Account. Click Next.


5. Select the type of install: Normal. Click Next.


6. Click Install on the Choose Install Location window.


7. Check "Run Kiwi Syslog Server 9.7.0". Click Finish.


8. On the dialog showing "Kiwi Syslog free version supports up to 5 message sources. Please define them under Inputs in Setup.", click OK.


9. Click Setup.


10. Inputs > UDP


Check "Listen for UDP Syslog messages".


UDP Port (1-65535): 514


Bind to address: Leave empty


Data encoding: System: Leave empty


Click OK.


11. Log in to Cisco ASDM.


12. Configuration > Device Management > Logging > Logging Setup 


Check "Enable logging".


Click Apply.


13. Configuration > Device Management > Logging > Syslog Servers


Click Add.


Interface: inside


IP address: <IP address of Kiwi Syslog Server>


Protocol: UDP


Port: 514


Click OK.


14. Execute the following Windows command to check if Kiwi Syslog Server is listening.


netstat -nab | findstr 514


15. Go to Kiwi Syslog Server again. Click Setup.


Inputs Menu:


Enter IP address of Cisco ASA 5506-X Firewall. 


Click Add.


Click OK.


16. Log in to Symantec Endpoint Protection Manager on the Active Directory Domain Controller.


Go to Firewall Policy. 


Under Windows Settings, click Rules.


Click Add Rule.


Rule name: Open UDP Port 514 to allow syslog messages from Cisco ASA firewall


Click Next.


17. Click Allow Connections. Click Next.


18. Click All Applications. Click Next.


19. Select "Only the computers and sites listed below:"


Host: <IP address of Cisco ASA 5506-X Firewall>


Click Add.


Click Next.


20. Protocol: UDP


Select "Local/Remote"


Local Port: 514


Remote Port: Leave empty


Direction: Incoming


Click OK.


21. Choose "Only the communications listed below:"


Select "UDP [Local=514; Stateful Incoming]".


Click Next.


22. Do you want to create a log entry when this rule is matched? No


Click Finish.


23. Check the list of Firewall Rules.


Click OK.


24. Log in to Cisco ASDM again.


25. Configuration > Device Management > Logging > Logging Filters


Click Logging Destination: Syslog Servers


Click Edit.


Syslogs from All Event Classes


Filter on severity: Debugging


Click OK.


26. Syslog messages from Cisco ASA 5506-X Firewall will start appearing on the Kiwi Free Syslog Server.
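To check what actually arrives after step 26, the following added example (not part of the original steps) parses ASA-format syslog lines, decodes the PRI value, and shows how many messages each "Filter on severity" setting from step 25 would forward. The sample lines are constructed, and the facility value 20 (local4) they carry is an assumption about the ASA's logging facility setting.

```python
import re
from collections import Counter

# ASA severity names, index = numeric level (0 is most severe).
SEVERITIES = ["Emergencies", "Alerts", "Critical", "Errors",
              "Warnings", "Notifications", "Informational", "Debugging"]

# <PRI>, optional timestamp/device ID, then the %ASA-<level>-<message ID> tag.
ASA_RE = re.compile(r"^<(\d{1,3})>(.*?)%ASA-([0-7])-(\d{6}): (.*)$")

# Constructed sample datagrams (documentation addresses, not captured traffic).
SAMPLES = [
    "<166>Sep 20 2020 10:15:01: %ASA-6-302013: Built outbound TCP connection "
    "1001 for outside:203.0.113.5/443 (203.0.113.5/443) to "
    "inside:192.0.2.20/51000 (198.51.100.1/51000)",
    "<164>%ASA-4-106023: Deny tcp src outside:203.0.113.9/4444 dst "
    "inside:192.0.2.20/22 by access-group \"outside_in\" [0x0, 0x0]",
    "<165>%ASA-5-111008: User 'enable_15' executed the 'logging enable' command.",
    "<167>%ASA-7-609001: Built local-host inside:192.0.2.20",
    "<13>Sep 20 10:15:02 otherhost app: not an ASA message",
]

def parse_asa(line):
    """Parse one ASA syslog datagram; return None if it is not ASA-formatted."""
    m = ASA_RE.match(line.strip())
    if not m:
        return None
    facility, pri_severity = divmod(int(m.group(1)), 8)  # PRI = facility*8 + severity
    level = int(m.group(3))
    return {"facility": facility, "severity": level, "msg_id": m.group(4),
            "text": m.group(5), "pri_consistent": pri_severity == level}

def forwarded(records, threshold):
    """Records that 'Filter on severity: <threshold>' would send to the server.
    The filter passes the named level and everything more severe."""
    limit = SEVERITIES.index(threshold)
    return [r for r in records if r["severity"] <= limit]

def summarize(lines):
    """Return parsed ASA records and a per-severity message count."""
    records = [r for r in map(parse_asa, lines) if r is not None]
    return records, Counter(SEVERITIES[r["severity"]] for r in records)

if __name__ == "__main__":
    records, counts = summarize(SAMPLES)
    for name in SEVERITIES:
        if counts[name]:
            print(f"{name:14} {counts[name]}")
    for level in ("Debugging", "Informational", "Warnings"):
        print(f"filter={level:13} forwards {len(forwarded(records, level))} of {len(records)}")
```

With the Debugging filter from step 25 every ASA message is forwarded, so the per-severity counts are a quick way to judge how much of the log volume is level 7 traffic.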





