ASA ASDM hit count

damilola.adebanjo1 · ‎06-12-2015

Hi all,

Does anyone know any tool or how to generate reports for firewall rules (acl) created that has no or 0 hit count in cisco ASDM.

Appreciate your repsonses.

Akshay Rastogi · ‎06-13-2015

Hi,

I could not find anything which could generate report on the basis of hit counts. but you could export the access-list in HTML or CSV format :

Please see the below link:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/112925-acl-asdm-00.html#exportace

Regards,

Akshay Rastogi

damilola.adebanjo1 · ‎06-15-2015

Thank You Akshay

Akshay Rastogi · ‎06-15-2015

Hi,

You're welcome.

If this answers your query, I would request you to select the appropriate response as the solution for this thread.

Regards,

Akshay Rastogi

damilola.adebanjo1 · ‎06-15-2015

It does partially but the issue is we have more than one ip address configured on an interface and not sure if there is any hit for each ip?

Akshay Rastogi · ‎06-15-2015

- We assign access-list on Interface basis, so if any source and destination matches with the access-list configured on interface, it would show a hit.

- If there is any subnet mentioned in access-list, it would not show you hit for separate IP addresses out of that subnet. It would only show hit for access-list matches that traffic on specific interface.

Regards,

Akshay Rastogi

damilola.adebanjo1 · ‎06-15-2015

Thanks