I am trying to log "Bad Passwords" or "Access Denied" attempts on the ASA and alert on them with Splunk:
I have the Cisco ASA 5510 Syslog setup and pointed to Splunk and I am getting data into Splunk but cannot search and see find the bad password attempts. I am running Cisco 8.2.1 I have changed the logging trap warnings to notifications with no effect.
logging console notifications
logging trap warnings
logging device-id hostname
logging host inside 10.1.100.110
... View more