Hi All, We are in the process of building a S2S VPN between an ASA and an IOS router. The ISAKMP status sits at MSG6 on my ASA and we verified that the PSK is working fine; we even re-did the tunnel group. I would want my client to set my isakmp peer I...
Hello, We recently upgraded the FMC to 6.2.2 and we re-initiated the logging from the client (a Linux-based SIEM), but we observed the below error: Error reading events from "FMC IP". java.io.IOException: Connection is broken. Read operation return "-...
Hello All, We are collecting logs from FTD via an FMC using eStreamer and I can see that the sample events from the FTD device don't contain all the fields. Below is the sample data that we received and comparing it with a managed device, the data...
Hello All,
I was reviewing the intrusion events for the PUA-OTHER Cryptocurrency Miner outbound connection attempt (1:46237:1) signature and am not sure why the Action on this signature is "Would have dropped". Please find further details:
1) FirePower devi...
Hello All,
Currently we have a customer who has SourceFire v4.10 and would like to configure the SourceFire devices to send syslog alerts to a syslog server. I have checked the Advanced Settings of the IPS Policy and there is no option to define if...
The screenshot that I provided is from v6.2.2 but the question was posted for v4. I don't think this option exists for FirePower, but only for FTD.
Hi,
I guess this is what my issue is, creating a FirePower Settings policy doesn't provide the syslog logging for TCP, please check the attached screenshot that I created for one of the FirePower Settings and under audit log settings, I don't have ...
Thanks for this, but these aren't FTD devices, they are just FirePower 7000 and 8000 series devices. Can an FTD System Policy still work for just FirePower devices?