cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1308
Views
0
Helpful
2
Replies
Highlighted

Audit Logs for Security policy changes on FMC

Hello Everyone,

wondering, how do we track FMC admin logs , I want to have a log about any changes that has been done in FMC ? like adding a new rule or updating existing one.

I know there is an audit log option in the FMC under configuration however using that I could not see detailed information on what exact  changes has been done by the users. 

below syslog output that has been generated by FMC :

 <14>Aug 01 06:39:42 sfdccsm: [testfmc] testfmc fmcadmin@IP address, Policies > Access Control > Access Control > Firewall Policy Editor, Save Policy Testing Policy

Looking at above logs , we can see that fmcadmin has done some changes in the access control section and save the policies , however how to track what changes he has done  by this user ? if fmcadmin has created a new rule or edited an existing one. 

Thanks for help!

2 REPLIES 2
Rising star

Version 6.2.2 will introduce

Version 6.2.2 will introduce more verbose audit logs for access control policy changes. As of now there is no way to track changes using the audit log.

Re: Audit Logs for Security policy changes on FMC

Hi Prashant

 

Can you share version of FMC 

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards
This widget could not be displayed.