Active FW Connections Reports
To search for and generate a report on current active sessions through selected Cisco PIX Firewall log sources, use the Active FW Connections Real-Time Report.
The Active Firewall Connection report is generated by monitoring the start and end messages of a particular connection in progress. Connections that have generated a start message but have not yet generated an end message are assumed to be active for a period of time before being timed-out.
Menu path:
In Active FC Connections reports, you must specify the log source:
| Element | Description |
|---|---|
| IP Address | IP address for the log source |
| Port | Port number for the log source |
| Protocol | Protocol type (from the drop-down menu) |
In addition to setting the common report options in Preparing a Real-time Report, you can select optional filter operators in the generated report.
Optional filter operators can be sorted in ascending or descending order. Choose sort order using the drop-down menu. The default is to display all the options.
For information on saving the generated report, see Formats for Saving a Generated Report.
| Option | Description |
|---|---|
| Create Time | Time the session began |
| Connection | ID in the log message assigned to the unique connection |
| Protocol | IP Protocol (TCP, UDP, so on) of the connection |
| Translated IP/Port | Public (NAT’ed) IP address of the source host (IP address only) |
| Source IP/Port | IP address of the internal host device (IP address only) |
| Destination IP/Port | IP address of the external host device (IP address only) |
| Direction | Inbound or Outbound connection attempt |