04-16-2023 11:30 PM
Dear All,
We have a requirement to send the FTD and FMC syslog in CEF format. Is it supported by FTD?
Please let me know how we can configure it if it's supported for FMC/FTD.
FMC and FTD Version: 7.0.5
Br,
Shine Sudheesh
04-16-2023 11:38 PM
- Check available command options when configuring a syslog server through the CLI:
logging host <syslog_server_IP_address> ?
M.
04-17-2023 01:17 AM - edited 04-17-2023 05:24 AM
Dear Marce,
Thanks for your reply.
But this is for FTD and FMC.
Can't get into config mode on the CLI.
Br,
Shine Sudheesh
04-17-2023 06:37 AM
Common Event Format (CEF) is not currently supported by Cisco FTD firewalls or FMC.
04-17-2023 06:46 AM
04-17-2023 08:03 AM
That's interesting @MHM Cisco World. It appears that, under the covers, eStreamer uses CEF. At least that's how I read that guide.
12-14-2023 02:14 PM
Yes, you can get CEF formatted logs out of the FMC using the eStreamer integration, but you have to use an external third-party Python script (eStreamer eNcore) to PULL the logs from the FMC, and the eStreamer is what is doing the formatting. It would be much better if we could just natively send from the FMC or FTD in CEF format (PUSH).
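Added example, not part of the thread and not eStreamer eNcore's code: a sketch of the formatting step a syslog relay would perform to turn an FTD key/value syslog message into a CEF record, including CEF's header and extension escaping. The vendor/product strings, the field-to-key mapping, the severity scaling and the sample line are assumptions constructed for illustration.

```python
import re

# Assumed mapping from FTD syslog field names to CEF extension keys.
FIELD_MAP = {"SrcIP": "src", "DstIP": "dst", "SrcPort": "spt", "DstPort": "dpt",
             "Protocol": "proto", "AccessControlRuleAction": "act"}
MSG_RE = re.compile(r"%FTD-(\d)-(\d{6}): (.*)$", re.S)

def esc_header(s):
    # CEF header fields: escape backslash first, then the pipe delimiter.
    return s.replace("\\", "\\\\").replace("|", "\\|")

def esc_ext(s):
    # CEF extension values: escape backslash and '=', encode newlines as \n.
    return s.replace("\\", "\\\\").replace("=", "\\=").replace("\r", "").replace("\n", "\\n")

def parse_ftd(line):
    """Return (syslog_severity, message_id, fields) or None if not an FTD message."""
    m = MSG_RE.search(line)
    if not m:
        return None
    fields = {}
    # Split only on ", " that is followed by "Key: " so commas inside values survive.
    for part in re.split(r", (?=\w+: )", m.group(3).strip()):
        key, sep, value = part.partition(": ")
        if sep:
            fields[key] = value
    return int(m.group(1)), m.group(2), fields

def to_cef(line, device_version="7.0.5"):
    parsed = parse_ftd(line)
    if parsed is None:
        return None
    sev, msg_id, fields = parsed
    cef_sev = (7 - sev) * 10 // 7  # assumed scaling: syslog 0..7 -> CEF 10..0
    header = ["CEF:0", "Cisco", "FTD", device_version, msg_id,
              f"FTD message {msg_id}", str(cef_sev)]
    ext = [f"{FIELD_MAP[k]}={esc_ext(v)}" for k, v in fields.items() if k in FIELD_MAP]
    # Unmapped fields are preserved in msg rather than dropped.
    rest = "; ".join(f"{k}: {v}" for k, v in fields.items() if k not in FIELD_MAP)
    if rest:
        ext.append("msg=" + esc_ext(rest))
    return "|".join(esc_header(h) for h in header) + "|" + " ".join(ext)

# Constructed sample line, not captured from a real device.
SAMPLE = ("<113>Apr 17 2023 06:37:00 ftd01 %FTD-1-430003: AccessControlRuleAction: Allow, "
          "SrcIP: 10.1.1.10, DstIP: 192.0.2.20, SrcPort: 51514, DstPort: 443, "
          "Protocol: tcp, AccessControlRuleName: Allow|Web=Out")

if __name__ == "__main__":
    print(to_cef(SAMPLE))
```

The rule name in the sample contains `|` and `=` to show that only `=` needs escaping inside the extension, while `|` must be escaped in the header fields.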