02-01-2022 10:30 AM - edited 02-01-2022 10:39 AM
Hi
I will deploy a CSSP Proxy Virtual Machine to send events from my ASA firepower devices to cloud.
For the configuration of send Syslog events to this Virtual Machine I get some questions:
Also I want to know if is possible to configure 2 syslog servers in the {Syslog in Policies > Name Policy > Logging} section?
How do I have to configure the section of the image attached to work with 2 Syslog servers? Actually we only have 1 configured.
This questions are because i want to send the logs in the right way.
Regards
02-01-2022 11:02 AM
I think FMC doesn't support multiple Syslog servers.
02-01-2022 12:25 PM
You could use Platform Settings and configure multiple syslog servers there and deploy that to the FTD/s in question.
02-01-2022 03:24 PM
You have a limitation here, instead of that you are keen on this, set up a Syslog proxy server and send logs to that server,. that Syslog server can inturn send logs to as many you want to
02-02-2022 11:57 PM
Are we talking about sending Syslogs from the FTDs to a Syslog server? if so, I have this setup on several FTDs where I send syslog to a couple different log servers as well as Algosec and it works fine. But you need to configure it using the Platform settings.
11-11-2024 03:13 AM
CSCuz17592 - [ENH] Send syslog messages to more than one client.
Workaround: Send syslog traffic to relay client, and from there to multiple end-clients.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide