topic Missing connection logs in Network Security

Missing connection logs

Otvforte — Fri, 11 Jul 2025 11:30:19 GMT

Hello,

I've successfully configured an external syslog server on FDM, and it's receiving messages correctly. I've set the Default Action Block to send syslog messages, and those are arriving as expected on the external server (among other messages).

However, I’ve also configured an Access Control Entry (ACE) that allows internet access (from inside to outside) with logging enabled, but I’m not seeing any syslog messages related to that rule. It seems like the logs are either not being generated or not being sent.

For instance, I can see these logs under Events > Connections in the FDM interface, but they are not appearing on the external syslog server.

Could you help me understand what might be missing or misconfigured?

ACE that is generating connection logs (missing):

Syslog server settings:

Thank you,

Re: Missing connection logs

MHM Cisco World — Fri, 11 Jul 2025 11:35:08 GMT

> show running logging

Re: Missing connection logs

Otvforte — Fri, 11 Jul 2025 11:56:07 GMT

Here you are,

show running-config logging
logging enable
logging timestamp
logging console informational
logging buffered informational
logging trap informational
logging host inside 192.168.0.2
logging permit-hostdown

Re: Missing connection logs

MHM Cisco World — Fri, 11 Jul 2025 12:01:20 GMT

It OK' is server connect to inside interface?

MHM

Re: Missing connection logs

Otvforte — Fri, 11 Jul 2025 12:07:10 GMT

Yes, and its also already receiving some logs from FDM, but missing connections logs.

Re: Missing connection logs

MHM Cisco World — Fri, 11 Jul 2025 12:12:50 GMT

What is action you use trust ? (I can not see it clearly)

If yes then change it to allow

Trust normally not generate log

MHM

Re: Missing connection logs

Otvforte — Fri, 11 Jul 2025 15:15:22 GMT

Tried with action 'Allow', same results. Most of the syslogs are like this bellow and don't show the URL, which is what i'm looking for

Again, on Events / Connection, logs are fine

Re: Missing connection logs

MHM Cisco World — Fri, 11 Jul 2025 19:48:32 GMT

> show conn
then
>clear conn <IP>

note:- use Allow not trust as action

MHM

Re: Missing connection logs

Otvforte — Fri, 11 Jul 2025 20:00:55 GMT

Hi,

I couldn't understand how this command can be related with the logs issue.

Thank you,

Re: Missing connection logs

MHM Cisco World — Fri, 11 Jul 2025 20:03:55 GMT

if the FTD have Conn then it not pass traffic via ACP and hence you can not get Log
clear Conn so the connection start hit ACP

MHM

Re: Missing connection logs

MHM Cisco World — Sat, 12 Jul 2025 14:52:03 GMT

Any update?

MHM

Re: Missing connection logs

Otvforte — Mon, 14 Jul 2025 11:37:20 GMT

Hi, no changes yet, still missing success connection logs on syslog (not on Events). It's a lab so I'll reset the FTD and try again, let you know if I find out the answer. Thank you.

Re: Missing connection logs

MHM Cisco World — Sun, 27 Jul 2025 13:07:26 GMT

I also participate in other post

Same issue

I suggest to him use packet tracer

Abd after that engineer get log.

Try same way

MHM