Cisco FirePower Syslog Forwarding - Logsign Integration

Introduction

This document describes how to configure Syslog within the Firepower Device Manager (FDM).

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

  • Firepower Threat Defense
  • Syslog Server running Syslog Software to collect data

Configurations

Step 1. From the Main Firepower Device Manager screen, select the Logging Settings under the System Settings in the lower right corner of the screen.

Step 2. On the System Settings screen, select the Logging Settings in the left menu.

Step 3. Set the Data Logging toggle switch, select the + sign under Syslog Servers.

Step 4. Select Add Syslog Server. Alternatively, you can create the Syslog Server object in Objects - Syslog Servers.

Step 5. Enter the IP address of your Syslog Server and port number. Select the radio button for Data Interface and click OK.

Step 6. Select the new Syslog server and click OK.


Step 7. Select the Severity level to filter with the all events radio button and select your desired logging level.


Step 8. Click Save at the bottom of the screen.


Step 9. Verify the settings were successful.


Step 10. Deploy the new settings.

Logsign Integration

Step 1- Login to Logsign UI

Step 2- Go to Data Collection and click on the "+ Device".

Step 3- Select Devices as SYSLOG and Cisco- FirePOWER

Step 4- Enter the IP address that belongs to Cisco FirePOWER device.

Step 5- Check the "Syslog Facility"

Step 6- Give the Device name and Save it.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.