Configuring Cisco Devices - FirePOWER
Firewall Analyzer supports the following versions of various Cisco devices.
Configuring Cisco ASA with FirePOWER services
Creating a Syslog Alert Response
- Choose ASA Firepower Configuration > Policies > Actions > Alerts.
- From the Create Alert drop-down menu, choose Create Syslog Alert.
- Enter a Name for the alert.
- In the Host field, enter the hostname or IP address of Firewall Analyzer server.
- In the Port field, enter the port the server uses for syslog messages. By default, this value is 1514 in Firewall Analyzer server.
- From the Facility list, choose a facility LOCAL7.
- From the Severity list, choose a severity INFO.
- Click Save.
Configuration for sending the Traffic Events
- Navigate to ASA Firepower Configuration > Policies > Access Control Policy
- Edit the access rule and navigate to logging option.
- Select log at Beginning and End of Connection options.
- Navigate to Send Connection Events to option , select Syslog, and then select a Syslog alert response.
- Click Save.
For detailed configuration of ASA FirePOWER services refer the following documents:
Configure logging for FirePOWER Threat Defense (FTD) via Firepower Management Center (FMC)
Refer the link given below: