Describe the different types of security events logged and monitored by the ASA.
Event logs are categorized into a few default types based on the component at fault. The following logs are made by Cisco ASA:
- Application log: Any event that takes place in an application is recorded in this type of log. It is made by developers; therefore, it is a pre-installed feature of an application. An application error when you open an app is an example of an application log.
- Security log: Login attempts and deletion of files are recorded in this type of log. It depends on the administrator which logs they want to record according to the audit policy.
- System log: Events logged by the operating system are recorded in this type of log.
- DNS server log: This type of log records DNS server and resolution events. Access to such logs is limited to the DNS server.
- Directory service log: It keeps track of AD events. This log can only be accessed by domain controllers.
- File replication service log: All the events that occur in the domain controller replication are recorded as an event log. This log is accessed by domain controllers only.