cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
300
Views
1
Helpful
8
Replies

Searching For Activity From A Specific IP

ITSupporter
Level 1
Level 1

I'm new to FMC/FTD and I'm looking for ways to search for activity to/from a specific IP. I tried searching in Connection Events but it came up empty. Suggestions will be appreciated.

8 Replies 8

Eric R. Jones
Level 4
Level 4

I have followed this information and have used it; however, seems like some of the choices displayed in the example are no longer available. I'm on version 7.2.5 so when it states that you can save column sets that doesn't appear.

Eric R. Jones
Level 4
Level 4

could it be related to this bug, Cisco Bug: CSCwe83592

Pulkit Mittal
Level 1
Level 1

You will find this very helpful.

Cisco Secure Firewall - Unified Events Viewer: Tips & Tricks (youtube.com)

If you find this useful, please mark it helpful and accept the solution.

Also, this one, bit old though.

43- Firepower Advanced Network Analysis Connection Events & Security Intelligence (youtube.com)

If you find this useful, please mark it helpful and accept the solution.

Eric R. Jones
Level 4
Level 4

Below is what I see when I access the icon. It doesn't offer the option to save anything.

Checked to see if it is something I set on the widget but so far no that's not it.

EricRJones_0-1712113550986.png

 

I think you misunderstand the search 

There is search which search life event log (can not save) 

And there is template for event log,  This template build new event log with some column you specify.

Hope I am correct here, and I Wil share more details tonight

MHM

Eric R. Jones
Level 4
Level 4

thank you

Review Cisco Networking products for a $25 gift card