We start with a discussion of every option; that is maybe the best way to explain it.
Syntax: fl (-f name -Acl -b -n1 192 -n2 168 -mail -nnr -m -whois -g ip -l -i -a -noskip -v) cisco.logfile
-f name
    give a name for a logfile; this disables the shell output and redirects it to the given file. The filename is used for the HTML output file as well (.html is added).
-Acl
    enable Cisco router access-list support (an extra Perl script is required); you will be able to stop scans as they are detected.
-b
    be weak; this is important for Miami users, as it takes allowed access into the analysis as well.
-n1 -n2
    give the first two values of your network's IP if they don't match 192.168.x.x, i.e. if you have the IP 34.2.5.146 use -n1 34 -n2 2.
-mail
    use the mail command to send log reports to a mailing list (or the root account).
-nnr
    no name resolving; disables human-readable hostnames.
-m
    the logfile is of type Miami logfile (syslogd too).
-whois
    enables whois web support in the HTML report.
-g ip
    grep only entries in which this IP occurs (the IP can be a fragment), i.e. -g 212.12.3 or 212.44 or just 212.
-l
    enables more output for the reports; you can see exactly why the alarm happened.
-i
    disables reporting of internal scans.
-a
    enables whole output of alarms; you can get a very long report, so be careful.
-noskip
    firelogger has a second file (automatically generated if not found) in which the last line that has been checked is marked. This is done because otherwise you would frequently get mails for old alarms. If you use a kind of logrotate, don't forget to ZERO the skipline file.
-nosk
    firelogger now seeks and destroys incoming portscans if Miami mode is enabled.
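The skip-line mechanism behind -noskip and the fragment match of -g, shown as an added Python example (not firelogger's own code). It assumes the skip-line file holds a single integer line count, and the sample log lines are constructed; it also shows the logrotate failure mode the text warns about, where a stale count would otherwise skip every new alarm.

```python
import os
import tempfile

# Constructed sample log lines in a syslog-like style (not real firelogger/Miami output).
SAMPLE_LOG = [
    "Jan 01 10:00:01 miami: deny tcp 212.12.3.4:1234 -> 192.168.1.5:23",
    "Jan 01 10:00:02 miami: allow tcp 10.0.0.7:40000 -> 192.168.1.5:80",
    "Jan 01 10:00:03 miami: deny tcp 212.44.9.1:5555 -> 192.168.1.5:21",
]

def read_skip_count(skip_path):
    """Number of lines already checked; 0 if the file is missing or unreadable."""
    try:
        with open(skip_path) as f:
            return int(f.read().strip() or 0)
    except (FileNotFoundError, ValueError):
        return 0

def new_entries(log_lines, skip_path, ip_fragment=None):
    """Return entries after the recorded position and advance the skip-line file.
    ip_fragment works like -g: a plain substring match, so '212.' matches any line containing it."""
    skipped = read_skip_count(skip_path)
    # After a log rotation the file is usually shorter than the recorded
    # position. A stale count would silently skip every new alarm, so reset
    # when it cannot possibly be valid. This only catches the obvious case;
    # zeroing the skip-line file from the rotate job is the reliable fix.
    if skipped > len(log_lines):
        skipped = 0
    fresh = log_lines[skipped:]
    if ip_fragment:
        fresh = [line for line in fresh if ip_fragment in line]
    with open(skip_path, "w") as f:
        f.write(str(len(log_lines)))
    return fresh

def demo():
    """Three runs: first report, nothing new, then a rotated (shorter) log."""
    skip_path = os.path.join(tempfile.mkdtemp(), "skiplines")
    first = new_entries(SAMPLE_LOG, skip_path, "212.")
    second = new_entries(SAMPLE_LOG, skip_path, "212.")
    rotated = ["Jan 02 00:00:05 miami: deny udp 212.7.7.7:53 -> 192.168.1.5:53"]
    third = new_entries(rotated, skip_path, "212.")
    return len(first), len(second), len(third)

if __name__ == "__main__":
    print(demo())  # (2, 0, 1)
```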
As you can see, you have many options to fit your needs. But you need a good setup to get a useful logfile. Because this is Amiga software, this document covers only Amiga-specific matters. If you have a Cisco router and find a way to log to an Amiga-accessible place (i.e. NFS to a Linux host), this can be useful for you too.