Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

IPS 4402 event logs does not show in CSM

Hi all,

We have IPS appliance sitting in our network and everything is working well. But when i add IPS to CSM, i can make configuration through CSM but CSM does not get any logs from IPS. I hinkt adding CSM to Allowed hosts make it recieve log?

please help me guys, i`m totally stuck here.



New Member

IPS 4402 event logs does not show in CSM

Hey there.

Certainly make sure CSM is added as an allowed host.

CSM may also need to have a trusted HTTPS certificate to manage the device and download SDEE logs.

When you add the device to CSM inventory, right-click on it and view device properties.  Go to the credentials tab.   You will want to specify HTTP credentials that can log in to the device, as well as confirm tcp/443 (or tcp/80) can actually reach the IPS over your network - try to https:// in your browser directly to your 4402.

Make sure the device type also specifically says IPS.  There is an authentication certificate thumbprint feature you may have to update.

Can you push policies?  Did you import the license file within CSM for the device?

CreatePlease to create content