11-22-2022 03:06 AM
Hello all,
Would anyone know, if the Syslog message for 430001 to 430005 can be tuned in the FTD/FMC ?
I want to stop sending logging for some of the Connection Event Fields.
Thanks
11-22-2022 03:12 AM
Can you confirm tuned means you do not like to send or you like to send ?
You can only send certain message to syslog Look below :
11-22-2022 03:37 AM
Hello,
Correct, I want to keep IDs 430001 to 430005 but tune out some the noise, so it's not sending everything via those log's
On your link - I have seen and read this too, that's what I realised.
Thanks anyway.
11-22-2022 04:27 AM
Sure now you know how to do, goog stuff..!
12-13-2022 05:09 PM
What are logging to? Syslog does indeed create a lot of noise. If you are using Splunk, it is not recommended to use syslog. Use eStreamer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide