Configuration Locations for Syslogs for File and Malware Events

| Configuration Location | Description and More Information |
| --- | --- |
| In an access control policy: Policies > Access Control, <each policy>, Logging | This is the main location for configuring the system to send syslogs for file and malware events. If you do not use the syslog settings in FTD Platform Settings, you must also create an alert response. See Creating a Syslog Alert Response. |
| In FTD Platform Settings: Devices > Platform Settings, Threat Defense Settings policy, Syslog | These settings apply only to FTD devices running supported versions, and only if you configure the Logging tab in the access control policy to use FTD platform settings. See FTD Platform Settings That Apply to Security Event Syslog Messages and About Syslog and subtopics. |
| In an access control rule: Policies > Access Control, <each policy>, <each rule>, Logging | If you do not use the syslog settings in FTD Platform Settings, you must also create an alert response. See Creating a Syslog Alert Response. |