Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1497
Views
0
Helpful
2
Replies

Cisco Firepower external DBs supported

AlexPi
Level 1
Level 1

‎02-19-2018 08:38 AM - edited ‎02-21-2020 07:22 AM

I am relatively new in using Firepower IPS and clearly using the internal/local database for all the logs makes the whole system too slow to search for events and obviously the window of backlog is too small. I would like to push all these logs to an external DB.

 

What are the supported SQL versions for Firepower Management 6.2.1?

 

Also it is my understanding that going with MSSQL is out of the window, which is bad since we have extensive MSSQL clustered environments.

 

Any advice would be greatly appreciated!


------------------------------------------------------------------
If this was helpful, please vote as helpful by clicking on the star icon below.
-------------------------------------
Labels:
0 Helpful
2 Replies 2

mikael.lahtela
Level 4
Level 4

‎03-19-2018 01:53 PM

Hi,

I would want to suggest you to look at eStreamer to send events to an external event logging.
https://www.cisco.com/c/en/us/td/docs/security/firepower/620/api/eStreamer/EventStreamerIntegrationGuide/Intro.html

br, Micke
0 Helpful

AlexPi
Level 1
Level 1
In response to mikael.lahtela

‎05-03-2018 02:48 AM

Thanks for the suggestion! That looks pretty cool. 

 

I guess I could keep a much longer backlog there, since ideally we want to be able to search up to 6 months back. 

------------------------------------------------------------------
If this was helpful, please vote as helpful by clicking on the star icon below.
-------------------------------------
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card