Skip to main content

 

 

Cisco Defense Orchestrator

Change Log Entries after Reading Changes from an ASA

When Cisco Defense Orchestrator (CDO) detects a change on an ASA it manages, it opens a change log entry and records the time the configuration conflict was detected. This is the kind of change log entry you could see when CDO detects a conflict:

changelog_conflict_detected.png

If you accept the changes, or review and accept the changes, that change is added to the change log entry and the entry is completed.

changelog_asa_read.png

This entry shows the Conflict Detected change and the deletion of a rule that prevents addresses in the engineering network from reaching the HR_network. The change log entry also shows a change with the message "Successfully imported out-of-band changes." If the admin had chosen to reject the out-of-band change, the change log would have displayed the message "Successfully rejected out-of-band changes on the device" along with what was rejected. Out-of-band changes refers to the changes made to the ASA device directly and not using CDO.

  • Was this article helpful?