Implementing Secure Logging Analytics (SaaS) for ASA Devices

Before you Begin

Review Secure Logging Analytics (SaaS) for ASA devices to learn about:
- How events are sent to the Cisco cloud
- Applications in the solution
- Licenses you need
- Data plan you need
You have contacted your managed service provider or Security Cloud Control Sales representative to create a Security Cloud Control tenant.
Review Secure Device Connector. Connecting Security Cloud Control to your ASA using an SDC is considered a "best practice" but it is not required.
If you choose to deploy an SDC in your network, you can use this method to install it:
- Use Deploy a VM for Running the Secure Device Connector and Secure Event Connector.
You have installed one or more SECs for your tenant and you can send events from any ASA to any SEC onboarded to your tenant.

Be sure to review "Before you Begin" above to make sure your environment is properly configured.
Onboard ASA Device to Security Cloud Control using username and password.
Send ASA Syslog Events to the Cisco Cloud.
Configuring NSEL for ASA Devices Using a Security Cloud Control Macro.
Confirm events are visible in Security Cloud Control. From the navigation bar, select Events & Logs > Events > Event Logging. Click the Live tab to view live events.

Use these troubleshooting topics to gather status and logging information about

Troubleshooting Using Security and Analytics Logging Events describes using the events generated from Cisco Security Analytics and Logging to determine why a user can't access a network resource.