Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
306
Views
0
Helpful
1
Replies

View threat defense service policy log

alireza82
Level 1
Level 1

‎08-13-2023 10:16 AM

Hi everyone

I just config threat defense service policy in ftd 7.2.4, the problem is when the connection limit arrise

I can't find traffic drop log. policy work's fine and drop traffic at limit I expect, but i can't find any corresponding log in fmc.

Any suggestions? 

0 Helpful
1 Reply 1

JennieZhang
Cisco Employee
Cisco Employee

‎08-30-2023 12:17 AM - edited ‎08-30-2023 12:19 AM

Hello @alireza82 

As per my understanding, the issue is that you can not find any events from  "events" under "Connections" from  "analysis" menu, although the connection was disconnected. is this understanding correct?

If yes, how is the logging options configured in your FMC?

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/configuration/guide/fpmc-config-guide-v70/connection_logging.html?bookSearch=true#ID-2174-0000034c

Please kindly check above page to make sure that you have configured appropriate logging options for your ACP rules.

If my above understanding is incorrect please let me know the details, such as how you configured logging options, how you tested and confirmed that the connection was disconnected. 

Regards

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card