Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
541
Views
0
Helpful
3
Replies

Cisco FTD Mail Events

Go to solution
Irakli Gvishiani
Level 1
Level 1

‎09-23-2022 07:47 AM

Hello,

We have Cisco FTD and FMC, version is 7.0.1

I Would like to configure FTD in such way:

When Endpoint device will be compromised then FMC must notify to me by Email. Is it possible?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Irakli Gvishiani
Level 1
Level 1

‎09-23-2022 10:04 AM - edited ‎09-23-2022 10:05 AM

As I understand need to create Correlation Policy.

As condition I use "IOC Tag", am I correct?

IrakliGvishiani_0-1663952601342.png

 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Irakli Gvishiani
Level 1
Level 1

‎09-23-2022 10:04 AM - edited ‎09-23-2022 10:05 AM

As I understand need to create Correlation Policy.

As condition I use "IOC Tag", am I correct?

IrakliGvishiani_0-1663952601342.png

 

0 Helpful

Go to solution
Irakli Gvishiani
Level 1
Level 1

‎09-23-2022 10:08 AM

As a result, I received mail from FMC:

IrakliGvishiani_1-1663952840629.png

But is it possible to somehow edit mail body? Not very informative right now

0 Helpful

Go to solution
Irakli Gvishiani
Level 1
Level 1

‎09-26-2022 11:27 PM - edited ‎09-26-2022 11:28 PM

As I figured out configuration is a correct, FMC sends alert after device was compromised, but I can't change email body 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card