
Missing connection logs

Otvforte
Level 1

Hello,

I've successfully configured an external syslog server on FDM, and it's receiving messages correctly. I've set the Default Action Block to send syslog messages, and those are arriving as expected on the external server (among other messages).

However, I’ve also configured an Access Control Entry (ACE) that allows internet access (from inside to outside) with logging enabled, but I’m not seeing any syslog messages related to that rule. It seems like the logs are either not being generated or not being sent.

For instance, I can see these logs under Events > Connections in the FDM interface, but they are not appearing on the external syslog server.

Could you help me understand what might be missing or misconfigured?

ACE that is generating connection logs (missing):

Otvforte_0-1752232898817.png

Syslog server settings:

Otvforte_1-1752232989665.png

Thank you,


> show running logging 


MHM

Otvforte
Level 1

Here you are,

show running-config logging
logging enable
logging timestamp
logging console informational
logging buffered informational
logging trap informational
logging host inside 192.168.0.2
logging permit-hostdown

It's OK. Is the server connected to the inside interface?

MHM

Otvforte
Level 1

Yes, and it's also already receiving some logs from FDM, but missing connection logs.

What action do you use, Trust? (I cannot see it clearly)

If yes, then change it to Allow.

Trust normally does not generate logs.

MHM

Otvforte
Level 1

Tried with action 'Allow', same results. Most of the syslogs are like the one below and don't show the URL, which is what I'm looking for.

Otvforte_0-1752246792669.png

Again, on Events / Connection, logs are fine

Otvforte_1-1752246900199.png

> show conn 
then 
> clear conn <IP>

Note: use Allow, not Trust, as the action.

MHM

Hi, 

I couldn't understand how this command can be related to the logs issue.

Thank you,

If the FTD already has the conn, then it does not pass the traffic via the ACP, and hence you cannot get a log.
Clear the conn so the connection starts hitting the ACP.

MHM
