Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
925
Views
0
Helpful
3
Replies

FireSight logs

kashifglobal12
Level 1
Level 1

‎08-14-2018 07:11 AM - edited ‎03-12-2019 06:53 AM

Hello All,

I have one fmc on which 5 sourcefire is added. My question is how many logs can fmc Store from each sourcefire. And if we have external syslog server which retrieve logs from fmc does this effect reporting on fmc because all the events like user activity, malware and etc will be maintain in external syslog server?

 

Thank you.... 

Labels:
0 Helpful
3 Replies 3

mikael.lahtela
Level 4
Level 4

‎08-15-2018 02:41 PM - edited ‎08-15-2018 02:43 PM

Hi,

FMC has a shared database for different logging.
You can find the number of event logged under System>Configuration>Database.
Here you can find the limitations:
https://www.cisco.com/c/en/us/products/collateral/security/firesight-management-center/datasheet-c78-736775.html?cachemode=refresh

 

Not sure about what you are thinking about the syslog vs reporting, can you elaborate on that?


br, Mikael

0 Helpful

kashifglobal12
Level 1
Level 1
In response to mikael.lahtela

‎08-17-2018 12:51 AM

Hi Mikael,

What i thinking is that fmc make reports(Dashboard, overview) on basis of
logs created as events. right ! So if we maintain logs or events on
external syslog server will this effect reporting or dashboard information
because logs are maintaining not on fmc but on external syslog server?

0 Helpful

mikael.lahtela
Level 4
Level 4
In response to kashifglobal12

‎08-18-2018 03:23 PM

Hi,

The reports will only show what is logged in the fmc database.
It will not keep track on what has been sent to an external syslog.

br, Mikael
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card