# Cisco FTD

Cisco FTD forwards syslog to Radiant Security through the Radiant Agent. This guide covers adding the Cisco FTD data feed in Radiant, deploying the Radiant Agent as the syslog receiver, and configuring syslog forwarding from the Cisco FDM UI.

### Prerequisites

* [ ] Config user role in Cisco FDM
* [ ] A deployed [Radiant Agent](/radiant-connectors/data-connectors/install-the-radiant-security-agent.md) reachable from the Cisco FTD device
* [ ] Administrator role in Radiant Security

### Add the data connector in Radiant Security

1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, click **Settings** > **Data Connectors**, then click **+ Add Connector**.
3. Search for and select **Radiant Agent**, then click **Data Feeds**.
4. Under **Select your data feeds**, select **Cisco FTD (syslog)**, then click **Credentials**.
5. Under **Credential Name**, enter an identifiable name for the Radiant Agent integration (e.g., `Radiant Agent integration`). To reuse an existing Radiant Agent credential, select it from the drop-down menu.
6. Click **Add Connector**.

### Configure Cisco FTD to forward syslog

Before starting, confirm the IP address of the Radiant Agent and the port configured to receive Cisco FTD data. If you do not know the port, contact your Customer Success representative.

1. Log in to the Cisco FDM UI with a **config** user.
2. From the top navigation bar, select the Cisco FTD device.
3. Under **System Settings**, select **Logging Settings**.
4. Enable **Data Logging**.
5. Under **Message Filtering for Firepower Threat Defense**, set **Severity level for filtering all events** to **Information**.

   <div align="left"><figure><img src="https://20705827.fs1.hubspotusercontent-na1.net/hubfs/20705827/Knowledge%20Base%20Articles/Cisco%20FTD%20(syslog)/Untitled.png" alt="" width="375"><figcaption></figcaption></figure></div>
6. Under **Syslog Servers**, click the **+** button to add a new syslog server.
7. Click **Create new Syslog Server**.
8. Enter the IP address of the Radiant Agent.
9. For **Protocol Type**, select **TCP**.
10. For **Port Number**, enter the port configured on the Radiant Agent to receive Cisco FTD data.
11. Under **Interface for Device Logs**, select an interface with connectivity to the Radiant Agent.
12. Click **OK**, then select the newly created syslog server.
13. Click **SAVE**.

    <div align="left"><figure><img src="https://20705827.fs1.hubspotusercontent-na1.net/hubfs/20705827/Knowledge%20Base%20Articles/Cisco%20FTD%20%28syslog%29/Untitled%282%29.png" alt="" width="375"><figcaption></figcaption></figure></div>
14. Click the deploy button to deploy the changes.\
    ![Untitled(3)](https://20705827.fs1.hubspotusercontent-na1.net/hubfs/20705827/Knowledge%20Base%20Articles/Cisco%20FTD%20\(syslog\)/Untitled\(3\).png)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/cisco/cisco-ftd.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.