Ensure 'logging trap severity ' is greater than or equal to '5'

Information

Determines which syslog messages should be sent to the syslog server.

Rationale:

Syslog messages are an invaluable tool for accounting, monitoring, and routine troubleshooting. Logging to a central syslog server is a method of collecting messages from devices to a server running a syslog daemon. This helps in aggregation of logs and alerts. This form of logging provides protected long-term storage for logs, since are also useful in incident handling.

Solution

Firepower Management Center:

Devices > Platform settings > Syslog > Logging setup

See Also

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/hardening/ftd/FTD_Hardening_Guide_v64.html

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12c.

Plugin: Cisco_Firepower

Control ID: 47f158036856a4c0b14fe5523c6a0da9b71443769dfcb4c3720c5d56e7b3549f