Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2464
Views
0
Helpful
1
Replies

Firepower IPS logging - syslog vs estreamer

sindandoh
Frequent Visitor
Frequent Visitor

‎08-25-2021 09:16 AM

Hello,

 

Is it be possible to collect Firepower IPS connection events via syslog rather than estreamer (FMC)? If yes, is there any info that may be missed (e.g. security intelligence events, any potential interesting fields within the connection event?)

My understanding is that the FMC/estreamer adds some correlation/enrichments to the connection events. 

 

Thanks,

0 Helpful
1 Reply 1

Marius Gunnerud
VIP Alumni
VIP Alumni

‎08-25-2021 01:15 PM

As far as I know you need to use estreamer to get IPS, security intelligence, (etc.) type events.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card