11-22-2022 03:06 AM
Hello all,
Would anyone know, if the Syslog message for 430001 to 430005 can be tuned in the FTD/FMC ?
I want to stop sending logging for some of the Connection Event Fields.
Thanks
11-22-2022 03:12 AM
Can you confirm tuned means you do not like to send or you like to send ?
You can only send certain message to syslog Look below :
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200479-Configure-Logging-on-FTD-via-FMC.html
BB
***** Rate All Helpful Responses *****
How to Ask The Cisco Community for Help
11-22-2022 03:37 AM
Hello,
Correct, I want to keep IDs 430001 to 430005 but tune out some the noise, so it's not sending everything via those log's
On your link - I have seen and read this too, that's what I realised.
Thanks anyway.
11-22-2022 04:27 AM
Sure now you know how to do, goog stuff..!
12-13-2022 05:09 PM
What are logging to? Syslog does indeed create a lot of noise. If you are using Splunk, it is not recommended to use syslog. Use eStreamer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
