07-12-2021 05:41 AM
Hi I'm testing out a new FTD 1000 series and having a real hard time since i'm very used to ASA and ASDM.
I'm having an issue with Monitoring > Events which is always empty. I need to know what events are happening in realtime similar to "Monitoring > Logging > View on ASA but i'm unable to do so.
Solved! Go to Solution.
07-12-2021 07:23 AM
On FDM navigate to Policies > Access Control. Then modify each Access Rule, click the "Logging" tab and then enable Logging, best practice is to enable at the End of the Connection. Save and deploy policy.
Example:-
07-12-2021 05:53 AM - edited 07-12-2021 05:55 AM
You need to enable Logging for the ACP to get the Logs (have you ?)
Make sure you configure - platform setting for Logs
FMC - Go to Policies-->Access-Policies
Select ACP - use Logging ( depends on requirement)
07-12-2021 05:56 AM
Unfortunately we're not using FMC, we're using FDM (Firepower Device Manager) to configure.
07-12-2021 07:11 AM
should be same i guess, never used FDM ( as per i know there is Limited features compare to FMC)
Look at the config guide : you may find some information
https://www.cisco.com/c/en/us/td/docs/security/firepower/660/fdm/fptd-fdm-config-guide-660.html
07-12-2021 07:23 AM
On FDM navigate to Policies > Access Control. Then modify each Access Rule, click the "Logging" tab and then enable Logging, best practice is to enable at the End of the Connection. Save and deploy policy.
Example:-
07-12-2021 07:30 AM
Awesome This worked thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide