Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4184
Views
7
Helpful
5
Replies

Enable logging using ftd 2100 cli

vishal77
Level 1
Level 1

‎08-09-2020 10:58 PM

Hello All,

 

Can anyone help me how can I enable logging using Ssh So that I can collect/view debug logs for real time logs and previous logs like 3-4 days before.

 

Below is the output of my ftd cli

 

firepower# show logging 
Syslog logging: disabled
    Facility: 20
    Timestamp logging: disabled
    Hide Username logging: enabled
    Standby logging: disabled
    Debug-trace logging: disabled
    Console logging: disabled
    Monitor logging: disabled
    Buffer logging: disabled
    Trap logging: disabled
    Permit-hostdown logging: disabled
    History logging: disabled
    Device ID: disabled
    Mail logging: disabled
    ASDM logging: disabled
    FMC logging: list MANAGER_VPN_EVENT_LIST, 99 messages logged
firepower#

 

1 person had this problem
5 Replies 5

Mohammed al Baqari
Level 11
Level 11

‎08-09-2020 11:31 PM

Hi,

You can do this using FMC or FDM depending on how you manage your unit. You
can't do it directly from FTD CLI.

here are some guides

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200479-Configure-Logging-on-FTD-via-FMC.html
https://www.cisco.com/c/en/us/td/docs/security/firepower/640/fdm/fptd-fdm-config-guide-640/fptd-fdm-system.html

**** please remember to rate useful posts

tilo.harder
Level 1
Level 1
In response to Mohammed al Baqari

‎01-18-2023 06:38 AM

Hi,

When enabling logging in FDM (Device Manager not FMC) 'console logging' is enabled and not 'monitor logging'
------------------------------

Syslog logging: enabled
Facility: 20
Timestamp logging: enabled
Timezone: disabled
Hide Username logging: enabled
Standby logging: disabled
Debug-trace logging: disabled
Console logging: level warnings, 2062 messages logged
Monitor logging: disabled
Buffer logging: level warnings, 2062 messages logged
-----------------------------------------------------------------
How can i enable 'monitor logging' via FDM?

When enabling loging in FMC for SSH settings then 'monitor logging' gets enabled.

CiscoPurpleBelt
Level 6
Level 6
In response to tilo.harder

‎03-24-2023 06:15 AM

Did you even do this via CLI?

0 Helpful

CiscoPurpleBelt
Level 6
Level 6
In response to Mohammed al Baqari

‎03-24-2023 06:15 AM

What about for a 2100 via FMC or CLI I can't find documentation for it?

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to CiscoPurpleBelt

‎03-24-2023 06:38 AM

For all Firepower hardware we can do this via the platform settings in the managing FMC. You can use platform settings for all your managed devices (most common) or have varying ones for different devices if you prefer.

Just follow the link provided earlier by @Mohammed al Baqari or go here directly:

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200479-Configure-Logging-on-FTD-via-FMC.html#anc11

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card