Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft Sentinel provides two connectors that collect logs from Cisco Firepower Threat Defense (FTD) firewall devices, depending on whether the devices run the Adaptive Security Appliance (ASA) operating system or Firepower eXtensible Operating System (FXOS). This article explains when to use each connector and provides links to installation instructions.
Collect logs from a Cisco FTD ASA firewall device
To collect logs from FTD ASA firewall devices, use the Cisco ASA/FTD via AMA connector.
Collect logs from a Cisco FTD FXOS firewall device
To collect logs from a Cisco FTD FXOS firewall device:
- Install and configure the Firepower eNcore eStreamer client, which emits logs in Common Event Format (CEF) format. For more information, see the full install guide.
- Install CEF via AMA connector.
Next steps
Learn more about Microsoft Sentinel data connectors.