Skip to main content

 

 

Cisco Defense Orchestrator

Change Log Entries after Reading from an ASA

When Defense Orchestrator detects a change on an ASA it manages, it opens a change log entry and records the time the configuration conflict was detected. This is the kind of change log entry you could see when Defense Orchestrator detects a conflict:

changelog_conflict_detected.png

After you read the configuration from the ASA to Defense Orchestrator, that change is added to the change log entry and the entry is completed.

changelog_asa_read.png

This entry shows the Conflict Detected change and the deletion of a rule that prevents addresses in the engineering network from reaching the HR_network. The change log entry also shows a change with the message "Successfully imported out-of-band changes." If the admin had chosen to reject the out-of-band change, the change log would have displayed the message "Successfully rejected out-of-band changes on the device" along with what was rejected. Out-of-band changes refers to the changes made to the ASA device directly and not using Defense Orchestrator.

  • Was this article helpful?