cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1034
Views
0
Helpful
1
Replies

FMC default logging profile

rosarra
Level 1
Level 1

Hello,

in my network infrastructure I have installed two FTD 4112 (6.7) controlled by two FMC 2600 (7.0)
After setting the log on each rule (one by one) on the FMC I can see the events on the controller GUI. Now I would like to send the logs also on a syslog server that I have configured in the FMC settings. Unfortunately I don't receive any allow or drop event of the rules and I suspect I have to configure one by one (again) all the rules adding the log option on the syslog server. Is it possible to configure a super rule or a default profile that sets the same behavior for all the rules?

Thank you,

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

You can multi-select access control policy rules to change common elements like logging.

Select your first rule, hold the Shift key and then select the last rule (or use Control key for non-contiguous rules). Right click and select edit.

You should see something like this:

FMC multi-edit.PNG

View solution in original post

1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

You can multi-select access control policy rules to change common elements like logging.

Select your first rule, hold the Shift key and then select the last rule (or use Control key for non-contiguous rules). Right click and select edit.

You should see something like this:

FMC multi-edit.PNG

Review Cisco Networking for a $25 gift card