Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
294
Views
0
Helpful
0
Replies

Cisco SAL on Prem

nichamon
Level 1
Level 1

‎10-25-2023 11:47 PM

Hi,

I have try to connect my ASA5555 FTD6.4 on FMC for sent syslog to SAL (On Prem) on SNA in manager only mode. As I research If I use SNA manager to install SAL (On Prem) that didn't required CDO, Is it?

I have followed https://www.cisco.com/c/en/us/td/docs/security/sal-on-prem/integration/deployment_guide/csal_op_for_fmc_7_0_deploy_guide.pdfhttps://www.cisco.com/c/en/us/td/docs/security/sal-on-prem/integration/csal_op_app_3_2_0_deploy_guide/m_csal_op_deploy_steps_v...

by step

- Install the Security Analytics and Logging (OnPrem) App

For Managed Devices Running Versions Earlier than 7.0, Use Syslog

- Configure Firepower Threat Defense Settings to Export syslog to Secure Network Analytics

- Enable Connection Event Logging to syslog per Access Control Rule

- On my SAL (On Prem) I'm still have no logging.

 

and there is my FTD

firepower# sh run logging
logging enable
logging timestamp rfc5424
logging emblem
logging list MANAGER_VPN_EVENT_LIST level informational class auth
logging list MANAGER_VPN_EVENT_LIST level informational class vpn
logging list MANAGER_VPN_EVENT_LIST level informational class vpnc
logging list MANAGER_VPN_EVENT_LIST level informational class vpnfo
logging list MANAGER_VPN_EVENT_LIST level informational class vpnlb
logging list MANAGER_VPN_EVENT_LIST level informational class webfo
logging list MANAGER_VPN_EVENT_LIST level informational class webvpn
logging list MANAGER_VPN_EVENT_LIST level informational class ca
logging list MANAGER_VPN_EVENT_LIST level informational class svc
logging list MANAGER_VPN_EVENT_LIST level informational class ssl
logging list MANAGER_VPN_EVENT_LIST level informational class dap
logging list MANAGER_VPN_EVENT_LIST level informational class ipaa
logging FMC MANAGER_VPN_EVENT_LIST
logging host ngfw-management 192.168.2.177 17/8514 format emblem
logging permit-hostdown
no logging message 106015
no logging message 313001
no logging message 313008
no logging message 106023
no logging message 710003
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 302018
no logging message 302017
no logging message 302016
no logging message 302021
no logging message 302020
firepower#

Am I missed some process? I have try to find and research some information about SAL (On Prem) but I'm only see about SaaS with CDO. 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents