What’s New in Each Release
Security Event Syslog Messages
Changes to syslog messages for the following event types are described in History for Security Event Syslog Messages:
-
Intrusion events
-
Connection events
-
Security Intelligence events
-
File events
-
Malware events
All Other Syslog Messages
This section provides the following new, changed, and deprecated syslog messages for the following Secure Firewall Threat Defense releases. For complete syslog message descriptions, see respective chapters.
New Syslog Messages |
No new syslog messages were added. |
Changed Syslog Messages (Document) |
None |
Changed Syslog Messages (Code) |
None |
Deprecated Syslog Messages |
None |
New Syslog Messages |
709015 |
Changed Syslog Messages (Document) |
None |
Changed Syslog Messages (Code) |
None |
Deprecated Syslog Messages |
None |
New Syslog Messages |
870001, 880001 |
Changed Syslog Messages (Document) |
None |
Changed Syslog Messages (Code) |
302020, 302021 |
Deprecated Syslog Messages |
None |
New Syslog Messages |
No new syslog messages were added. |
Changed Syslog Messages (Document) |
None |
Changed Syslog Messages (Code) |
None |
Deprecated Syslog Messages |
None |
New Syslog Messages |
No new syslog messages were added. |
Changed Syslog Messages (Document) |
None |
Changed Syslog Messages (Code) |
None |
Deprecated Syslog Messages |
None |
New Syslog Messages |
709009, 709010, 709011, 709012, 709013 |
Changed Syslog Messages (Document) |
None |
Changed Syslog Messages (Code) |
None |
Deprecated Syslog Messages |
None |
New Syslog Messages |
717032, 305021, 305022, 324302, 324303, 733201 |
Changed Syslog Messages (Document) |
717009 |
Changed Syslog Messages (Code) |
None |
Deprecated Syslog Messages |
716055 and 716056 |
New Syslog Messages |
106029 |
Changed Syslog Messages (Document) |
105042, 105003, 105004, 105043, 305006, 414004 |
Changed Syslog Messages (Code) |
302013, 302014 |
Deprecated Syslog Messages |
None |
New Syslog Messages |
209006, 324012 |
New Syslog Messages |
748011, 748012, 302311, 747042, 747043, 747044, 769007, 769009, 852001, 852002 |
Changed Syslog Messages |
302014 |
Deprecated Syslog Messages |
New Syslog Messages |
Security events: 430004, 430005 Other: 305017, 308003, 308004, 408101, 408102, 409014, 409015, 409016, 409017, 419004, 419005, 419006, 503002, 503003, 503004, 503005, 737038, 737200-737206,737400-737407, 747042, 747043, 747044, 768003, 768004 815002, 815003, 815004 |
Changed Syslog Messages |
737001-737019, 737031-737036 |
Deprecated Syslog Messages |
All Syslog Messages
Timestamp Logging |
Beginning with version 6.3, Secure Firewall Threat Defense provides the option to enable timestamp as per RFC 5424 in eventing syslogs. When this option is enabled, all timestamp of syslog messages would be displaying the time as per RFC 5424 format. Following is a sample output with RFC 5424 format: <166>2018-06-27T12:17:46Z firepower : %FTD-6-110002: Failed to locate egress interface for protocol from src interface :src IP/src port to dest IP/dest port
|
||
Syslog Prefix Format |
The threat defenseoperating system was using parts of the ASA operating system, including the syslog utility. Therefore, threat defense syslog messages were starting with "%ASA" due to this shared utility. Beginning with release 6.3, the threat defense syslog messages will be starting with "%FTD" |