cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
637
Views
5
Helpful
3
Replies

firepower log collect

ssrinidhi
Level 1
Level 1

I there option to collect firepower logs in a readable format(json/xml) rather than using estreamer. Or can we do it using proxy

3 Replies 3

Estreamer is the way to go here, and have a client that fetches the logs from the estreamer server and parse it into JSON.

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/215631-understand-estreamer-and-troubleshoot-en.html

 

--
Please remember to select a correct answer and rate helpful posts

thank you @Marius Gunnerud , also what is the format does the estreamer return the logs, is there a role that proxy server could play to get the data in readable format

I have not dived that deep into estreamer, but according to the documentation it uses UTF-8

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/api/eStreamer/EventStreamerIntegrationGuide_660.pdf

 

--
Please remember to select a correct answer and rate helpful posts
Review Cisco Networking for a $25 gift card