06-26-2024 02:44 AM
Hello,
I'm trying to change the facility via LinaConfigTool on a Cisco 2100 FTD, 7.0 for intrution event logs.
I've used this command to change the facility for syslogs:
/usr/local/sf/bin/LinaConfigTool "logging facility 19"
Is there any similar for intrution event logs? Or can you do it any other way without FMC?
Kind regards,
Tom Pennerborn
Solved! Go to Solution.
06-26-2024 04:10 AM
I've found the soulution
In the file /ngfw/var/sf/detection_engines/YOUR-OWN/ids_alert.conf
Under intrution change facility to one from this document: external_alerting_for_intrusion_events.pdf (cisco.com)
06-26-2024 04:10 AM
I've found the soulution
In the file /ngfw/var/sf/detection_engines/YOUR-OWN/ids_alert.conf
Under intrution change facility to one from this document: external_alerting_for_intrusion_events.pdf (cisco.com)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide