Configure the FMC Devices to Send Events to the Cisco Cloud

Configure the FMC to have managed Firepower Threat Defense devices send events directly to the cloud.

Note	Available options depend on your FMC version. Skip any steps that do not apply to your version.

Before you begin

In the FMC:
- Go to the System > Configuration page and give your FMC a unique name so it will be clearly identified in the Devices list in the cloud.
- Add your Firepower Threat Defense devices to the FMC, assign licenses to them, and ensure that the system is working correctly. (That is, you have created the necessary policies, and events are being generated and display as expected in the FMC web interface under the Analysis tab.)
Perform the steps up to this point in How to Send Events Directly to the Cisco Cloud and Integrate with SecureX.
Make sure you have your cloud credentials and can sign in to the Cisco SecureX threat responseSecureX regional cloud on which your account was created.

For URLs, see Cisco SecureX Threat ResponseSecureX Regional Clouds.
If you are currently sending events to the cloud using syslog, disable these sends to avoid duplication.

Step 1	In the FMC: Select System > Integration.
Step 2	Click Cloud Services.
Step 3	Enable the slider for Cisco Cloud Event Configuration or Cisco Cloud (depending on your FMC version).
Step 4	If you have not already done so, and your FMC offers a Cisco Cloud Region option: Select the Cisco Cloud Region on which you have created your account.
Step 5	Enable the types of events to send to the cloud. If you send connection events, only Security Intelligence connection events are used for this integration. All other connection events are not used in this integration.
Step 6	Click Save. If the Save button is unavailable, this means the FMC is already registered to the selected regional cloud.
Step 7	Verify that the feature is properly enabled: Wait a few minutes to allow the systems to synchronize. On the same page that you enabled the feature, click the link to view the Cisco Cloud configuration. (The link is in the same Cisco Cloud box.) Security Services Exchange opens in a new browser window. Sign in using the credentials that you use to access your Cisco SecureX threat responseSecureX account. Click Devices. Verify that your FMC and its managed devices appear on the list.