Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ASA 5500x Firepower IPS Logging

Anyone know how Cisco ASA 5500x firepower logging works?

Based on the cisco manuals: " For ASA FirePOWER-related syslog messages, see the syslog messages guide. ASA FirePOWER syslog messages start with message number 434001"

That suggests it just talks syslog.

Anyone know if that's all it does? Or does it do SDEE like the old Cisco IPS modules?

2 REPLIES
Hall of Fame Super Silver

Firepower logging is to a

Firepower logging is to a Firesight management center (FMC) via https. It does not use SDEE.

Just like the old IPS, syslog messages are only about the module status, not about actual IPS events.

New Member

Thanks Marvin, do you know

Thanks Marvin, do you know what the data retention is on the FMC? Can it be set to unlimited? (assuming unlimited storage on the FMC server)

848
Views
0
Helpful
2
Replies
CreatePlease to create content