cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1481
Views
0
Helpful
1
Replies

Connection Event Send to External Syslog Server

rockey
Level 1
Level 1

Can anyone help me on connection event's on FTD 6.4.0.We configured the eStremer and selected connection events as well but on external server i am not getting connection event log , only received IPS logs.I need complete log like source ip , destinatiopn ip , port no. , deny or allow web application , url.

How to send our connection event log to external syslog server ?

1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

eStreamer is not syslog but rather a unique messaging format. If you want to send syslogs for connection events externally then you need to define your syslog server and related settings under Devices > Platform Settings > Syslog. Then in your Access Control Policy choose to send events as syslog either globally for the ACP or for individual entries.

Review Cisco Networking for a $25 gift card