-
START YOUR TRIAL
-
DEVICE INTEGRATION
-
CONNECTORS
-
DATA INGESTION
-
HUNTING WITH WORKBOOKS
-
DNIF Query Language (DQL Language)
-
SECURITY MONITORING
-
OPERATIONS
-
MANAGE DASHBOARDS
-
MANAGE REPORTS
-
USER MANAGEMENT & ACCESS CONTROL
-
BILLING
-
MANAGING YOUR COMPONENTS
-
GETTING STARTED
-
INSTALLATION
-
SOLUTION DESIGN
-
AUTOMATION
-
TROUBLESHOOTING AND DEBUGGING
-
LICENSE MANAGEMENT
-
RELEASE NOTES
-
API
-
POLICIES
-
SECURITY BULLETINS
-
BEST PRACTICES
-
DNIF AI
-
DNIF LEGAL AND SECURITY COMPLIANCE
Cisco FirePOWER
This article describes the steps to configure log forwarding for Cisco FirePOWER
- Log into the web user interface of your Sourcefire Management Center.
- Navigate to Policies > Intrusion > Intrusion Policy.
- Click Edit next to the policy you want to apply.
- Click Advanced Settings.
- Locate Syslog Alerting in the list and set it to Enabled.
- Click Policy Information near the top left of this screen.
- Click Commit Changes.
- Reapply your Intrusion Policy.
- Click Edit next to the right of Syslog Alerting.
- Type the IP address of EventTracker on the Logging Hosts field.
- Choose an appropriate Facility and Severity from the drop-down menu. These can be left at the default values unless a Syslog server is configured to accept alerts for a certain facility or severity.
- Click Policy Information near the top left of this screen.
- Click Commit Changes.
- Reapply your Intrusion Policy.