Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
56448
Views
11
Helpful
17
Replies

FirePower Threat Defense Real time log viewer

Go to solution
jackk.rayen
Level 1
Level 1

‎10-13-2016 07:52 AM - edited ‎03-12-2019 01:23 AM

Hi,

In cisco ASDM tool we have a section for real time monitoring the traffic which flow on our device ( monitoring > logging > real time log viewer) in this tab we can monitor all network activity and flow creation and teardown  but when we installed FirePower Threat Defense software and add it on Cisco FMC , actually we lost this real time monitoring ,  How we can monitor real time log int FMC ? Is there any option on FMC for real time Log viewer just ASA ASDM?

thanks

8 people had this problem
Labels:
0 Helpful
17 Replies 17

Go to solution
James_1
Level 1
Level 1
In response to CiscoBrownBelt

‎10-20-2023 07:57 AM - edited ‎10-20-2023 07:58 AM

When your in the Events window. Click on "Edit search". Then in General Information Type "Block" in the Action field.
Then Click "Search". That'll show you all the Blocks that are being logged.

 

Edit Search SS.png

 

Edit SS.png

0 Helpful

Go to solution
AViftrup
Level 1
Level 1
In response to James_1

‎10-20-2023 08:57 AM

You bumped an old topic.

However since the creation of this topic, things has changed. In recent releases (7.0+ or 7.1+) Unified Events was introduced with the function "Live View" which essentially is a real-time logging (there is a minor delay, but its a few seconds in worst case)
This still requires logging at start of end of connection to be present and forwarded for the FMC events of course.

0 Helpful

Go to solution
James_1
Level 1
Level 1
In response to AViftrup

‎10-20-2023 09:53 AM - edited ‎10-20-2023 10:12 AM

I responded to a question from CiscoPurpleBelt  from earlier today.....

However since you brought it up, could you kindly point us in the right direction with some links?

I found some links about the Live View.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/admin/710/management-center-admin-71/analysis-unified-events.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card