cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
195
Views
1
Helpful
2
Replies

FMC event logging for traffic destined to a FTD interface

Alex-Pr
Level 1
Level 1

I've noticed in FMC that I can see traffic logged that traverses the FTD however traffic to the FTD is not logged.  I am curious to see if someone is trying a port scan or something like that.  So for example if my FTD interface is 192.168.0.1 and I try to telnet to 192.168.0.1 nothing is logged.

Is there a specific destination address or name that can be entered to see traffic that was destined to the FTD?

 

Thanks.

2 Replies 2

Configure Logging on FTD via FMC - Cisco

can you check this guide

MHM

Marvin Rhoads
Hall of Fame
Hall of Fame

In addition to the syslog setup already mentioned in the earlier reply, note that Connection Events (or Unified Events) will generally only include connections handled by the Access Control Policy or Prefilter Policy.

Review Cisco Networking for a $25 gift card