cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1059
Views
0
Helpful
7
Replies

FMC1000-K9,FTD2110 Case: Events Logging and Connection not showing. Pls share case Thx.

An-Buraphawithi
Level 1
Level 1

FMC is not showing any event and logging connection, I've configured everything as below1.JPG2.JPG3.JPG

 

Information 

    -FMC1000-K9  Version 6.3.0.3 

    -FTD2110  Version 6.3.0.3

 

 

7 Replies 7

Marvin Rhoads
Hall of Fame
Hall of Fame

Are you seeing no connection events at all (under Analysis > Connections)?

I don't see anymore. thx

Dead end ,any idea where to start my troubleshooting?

Your policy setup seems to be correct as far as what you shared already.

The sftunnel process that connects the sensor to FMC may be hung.

It would be best to open a TAC case and they can do some quick checks from the cli to verify and confirm that communications are established properly.

To Marvin

Thx for support. I will take your advice....Have you ever had that problem?   

Yes I have seen it before. The cause may vary but one thing to check is as follows below (from the FMC cli). Interpretation of the output is not immediately obvious so that is why I recommend a TAC case to assist.

 

Get the Current Process status:

  • pmtool status | grep -E "Waiting|Down|Disable|Running"

 

Restart all the processes:

  • /etc/rc.d/init.d/console restart && tail -f /var/log/messages

 

Get the Processes status again:

  • pmtool status | grep -E "Waiting|Down|Disable|Running"

Hi Mavin

Thank you for support. It's true as yousaid.

Process service SFDataCorrelator - is Waiting
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: