Change Log Entries after Reading Changes from an ASA

When Cisco Defense Orchestrator (CDO) detects a change on an ASA that it manages, it opens a change log entry and records the time when the configuration conflict was detected. You see this change log entry when CDO detects a conflict:

If you accept the changes, or review and accept the changes, that change is added to the change log entry and the entry is completed.

This entry shows the Conflict Detected change and the deletion of a rule that prevents addresses in the engineering network from reaching the HR_network. The change log entry also shows a change with the message "Successfully imported out-of-band changes." If the admin chooses to reject the out-of-band change, the change log will display the message "Successfully rejected out-of-band changes on the device" along with what was rejected. Out-of-band changes refers to the changes made to the ASA device directly without using CDO.

Related Topics

• Manage Change Logs in CDO

• Change Log Entries after Deploying to an ASA

• View Change Log Differences

• Reading, Discarding, Checking for, and Deploying Configuration Changes