Active FW Connections Reports
To search for and generate a report on current active sessions through selected Cisco PIX Firewall log sources, use the Active FW Connections Real-Time Report.
The Active Firewall Connection report is generated by monitoring the start and end messages of a particular connection in progress. Connections that have generated a start message but have not yet generated an end message are assumed to be active for a period of time before being timed-out.
Menu path:
In Active FC Connections reports, you must specify the log source:
| Element | Description |
|---|---|
| IP Address | IP address for the log source |
| Port | Port number for the log source |
| Protocol | Protocol type (from the list) |
In addition to setting the common report options in Preparing a Real-Time Report, you can select optional filter operators in the generated report.
Optional filter operators can be sorted in ascending or descending order. Choose sort order using the list. The default is to display all the options.
For information on saving the generated report, see Formats for Saving a Generated Report.
| Option | Description |
|---|---|
| Create Time | Time the session began |
| Connection | ID in the log message assigned to the unique connection |
| Protocol | IP Protocol (TCP, UDP, so on) of the connection |
| Translated IP/Port | Public (NAT’ed) IP address of the source host (IP address only) |
| Source IP/Port | IP address of the internal host device (IP address only) |
| Destination IP/Port | IP address of the external host device (IP address only) |
| Direction | Inbound or Outbound connection attempt |