Solved: Re: Cisco FTD / FDM Event Viewer or Realtime Monitoring

wcutajar · ‎07-12-2021

Hi I'm testing out a new FTD 1000 series and having a real hard time since i'm very used to ASA and ASDM.

I'm having an issue with Monitoring > Events which is always empty. I need to know what events are happening in realtime similar to "Monitoring > Logging > View on ASA but i'm unable to do so.

Rob Ingram · ‎07-12-2021

@wcutajar

On FDM navigate to Policies > Access Control. Then modify each Access Rule, click the "Logging" tab and then enable Logging, best practice is to enable at the End of the Connection. Save and deploy policy.

Example:-

View solution in original post

balaji.bandi · ‎07-12-2021

You need to enable Logging for the ACP to get the Logs (have you ?)

Make sure you configure - platform setting for Logs

FMC - Go to Policies-->Access-Policies

Select ACP - use Logging ( depends on requirement)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

wcutajar · ‎07-12-2021

Unfortunately we're not using FMC, we're using FDM (Firepower Device Manager) to configure.

balaji.bandi · ‎07-12-2021

should be same i guess, never used FDM ( as per i know there is Limited features compare to FMC)

Look at the config guide : you may find some information

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/fdm/fptd-fdm-config-guide-660.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Rob Ingram · ‎07-12-2021

@wcutajar

On FDM navigate to Policies > Access Control. Then modify each Access Rule, click the "Logging" tab and then enable Logging, best practice is to enable at the End of the Connection. Save and deploy policy.

Example:-

wcutajar · ‎07-12-2021

Awesome This worked thank you!