Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2575
Views
10
Helpful
7
Replies

FMC - Logging deployment history to remote server

konemg
Level 1
Level 1

‎12-22-2022 01:45 AM

Hi,

I would like to log into remote server (as syslog, for example) each deployment configuration (the modifications). On my FMC, there's a section called "Deployment history" where you can see all the history changes, I want that. How can I send this information to a remote server?

I have been looking for a specific Syslog ID to configure my syslog (at Platform Settings) that logs these changes, but I couldn't find one.

Any idea how can I do it?

Regards!

0 Helpful
7 Replies 7

MHM Cisco World
VIP
VIP

‎12-22-2022 02:40 AM

Configure Logging on FTD via FMC - Cisco

check this guide

0 Helpful

konemg
Level 1
Level 1
In response to MHM Cisco World

‎12-22-2022 02:53 AM

Hi,

I have already checked this post and explains how to configure remote logging on FTD, but there's no specific explanation about how to log deployed changes. 

Thank you!

0 Helpful

MHM Cisco World
VIP
VIP
In response to konemg

‎12-22-2022 02:56 AM - edited ‎12-22-2022 02:56 AM

Screenshot (154).png
from guide I attach, 

0 Helpful

konemg
Level 1
Level 1
In response to MHM Cisco World

‎12-22-2022 03:13 AM

Hi,

I know there is a section to specify Message ID's, the point is that there's no one that logs deployed changes. For example, as your screenshot shows, the Message ID 106002 logs "Connection denied by outbound".  Look at the reply of @balaji.bandi.

Thanks!

0 Helpful

MHM Cisco World
VIP
VIP
In response to konemg

‎12-22-2022 03:25 AM

first step is config event list, the n under event class you select event list and name. 

Screenshot (155).pngScreenshot (156).png

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎12-22-2022 02:43 AM

i have not come across any specific syslog ID to send to syslog for the deployment history. (yes good to have that option - may be cisco wish request here i guess here).

others welcome to post - happy to learn if one have other suggestions.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-22-2022 04:42 AM

You cannot send these events to syslog directly as far as I know. However you can email them via a scheduled report.

Open System > Monitoring > Audit, the click on Reporting. Customize the report to only include events with "Deployment" in the message. Like this:

Audit report - deployments.png

You can then create a scheduled task to run this report periodically and send it out via email. Perhaps your syslog server has the ability to ingest the email attachments with some parsing help?

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card