Guidelines for notifying external systems with alert responses

Depending on your Firewall Threat Defense version and device model, alert responses may not be the best way to send syslog messages. For more information, see About Syslog in Cisco Secure Firewall Management Center Device Configuration Guide and .

When you create a new alert response, it gets enabled automatically. If you want to temporarily stop alert generation, disable the alert response instead of deleting it.

When you modify an alert response, your changes take effect immediately. However, if you are using an alert response to send connection logs to an SNMP trap or syslog server, deploy the configuration to ensure that your changes are applied.