10-15-2021 12:59 PM
Is it possible to extract FMC Logs to a different system ?
10-15-2021 01:42 PM
You mean from FMC to other system - yes possible check by login to FMC and $sudo su give you access to Linux access.
BB
***** Rate All Helpful Responses *****
How to Ask The Cisco Community for Help
10-15-2021 01:46 PM
But what will be the Log file name I should look for ?
Just to be clear , i am referring to the all kind of events ( like Connection events , Intrusion events etc ) I can see from FMC.
10-15-2021 02:04 PM
As per i know in terms of events they are stored in DB (PostgreSQL- i guess), you can backup them as per the below guide :
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Backup_and_Restore.html
You can configure Syslog to an external server to offload them.
Most of the other logs stored /var/log
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
