05-12-2021 05:57 AM
Has anyone here set up logging from FTD to Algosec? The only documentation I have found on the Algosec site with regards to logging was for ASA and there it stated that syslog message ID 106100 is needed. This syslog ID is not available in FTD after 6.2. So I am wondering if anyone has successfully set up logging towards Algosec and which syslog message IDs were used?
06-29-2023 06:31 AM
Not using Algosec, running into a similar problem though. Have you ever managed to fix/solve it?
06-29-2023 06:37 AM
Yes, solved this by enabling logging to syslog server under each ACP rule. Once I did this syslog was sent.
06-29-2023 06:41 AM
06-29-2023 06:53 AM
FTD doesn't use 106100, it uses the following:
430002 - log at beginning
430003 - log at end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide