FTD Platform Settings That Apply to Security Event Syslog Messages
"Security events" include connection, Security Intelligence, intrusion, and file and malware events.
Some of the syslog settings on the Devices > Platform Settings > Threat Defense Settings > Syslog page and its tabs apply to syslog messages for security events, but most apply only to messages for events related to system health and networking.
The following settings apply to syslog messages for security events:
-
Logging Setup tab:
-
Send syslogs in EMBLEM format
-
-
Syslog Settings tab:
-
Enable Timestamp on Syslog Messages
-
Timestamp Format
-
Enable Syslog Device ID
-
-
Syslog Servers tab:
-
All options on the Add Syslog Server form (and the list of configured servers).
-
See also Best Practices for Configuring Security Event Syslog Messaging.