Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1888
Views
0
Helpful
3
Replies

Policy Deployment Alert for Cisco FMC

Go to solution
NeWGuy1109
Level 1
Level 1

‎10-24-2019 06:59 AM

Hello,

 

I want to configure alerts for FMC in such a way that every time a policy is deployed the intended recipients should receive an email. Is it possible to configure this functionality in FMC ? I am aware about the IPS/correlation/Health notifications but not sure about policy deployment alerts.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-24-2019 11:32 AM

As of the current FMC 6.5 we can only do that if the policy deployment was a scheduled task.

Manual deployments cannot currently be highlighted with an email from FMC.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-24-2019 11:32 AM

As of the current FMC 6.5 we can only do that if the policy deployment was a scheduled task.

Manual deployments cannot currently be highlighted with an email from FMC.

0 Helpful

Go to solution
NeWGuy1109
Level 1
Level 1
In response to Marvin Rhoads

‎10-25-2019 12:06 AM

Thank you for the reply Marvin..

Is there any other way to configure email alerts for whatever changes done on the FMC or FTD.. like audit logs that can be sent through email notifications?
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to NeWGuy1109

‎10-25-2019 04:59 AM

You can tell FMC to send a daily change reconciliation report but it's really a holdover from the Sourcefire days and only includes changes to the Intrusion Policy - not other bits such as Access Control Policy or Platform Settings changes.

You do get an audit log message and you can tell FMC to send its audit logs to an external syslog server. Depending on the syslog server, you could tell it to watch for certain messages and escalate those as an email. for example, Solarwinds NPM can do this.

Here's an example of the message that's generated as a result of a successful deployment:

FMC Deployment syslog message.PNG

(I just pointed FMC auditing syslog destination to a Windows server and ran Wireshark on it with a capture filter of udp/514 (syslog).)

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top