Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1732
Views
15
Helpful
2
Replies

Can we use FMC as a syslog server for managed sensors?

Go to solution
matty-boy
Level 1
Level 1

‎01-30-2019 12:29 PM - edited ‎02-21-2020 08:43 AM

Hi all,

 

We have a customer with an FMC/FTD deployment. They currently have no central syslog service to send syslogs from the FTDs.

 

FMC is good at storing security related logs but what about infrastructure logs generated by FTDs (routing peer or physical link up/down, admin made a config change, etc)? Is there any way we can send these sorts of logs to the FMC as a central syslog server?

 

Thanks in advance,

Matt.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-31-2019 08:47 AM

I don't think so.

 

Normally, events sent from the sensors get to FMC via the eventing interface which uses TLS over tcp/8302.

 

Syslog would require the FMC to be listening on udp/514 (which it does not) and be able to store, parse and display syslog message format.

View solution in original post

2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-31-2019 08:47 AM

I don't think so.

 

Normally, events sent from the sensors get to FMC via the eventing interface which uses TLS over tcp/8302.

 

Syslog would require the FMC to be listening on udp/514 (which it does not) and be able to store, parse and display syslog message format.

Go to solution
matty-boy
Level 1
Level 1
In response to Marvin Rhoads

‎01-31-2019 09:58 AM

Thank you for confirming my suspicion Marvin. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card