Comments
-
all allowed traffic/denied traffic from a client to server via firewall
-
Can you mention the regular firewall traffic event ID's also eg: one source to one destination traffic allowed, traffic denied
-
@BWC Thank you for the response.
-
In the above pdf from page 10 onwards Event ID is mentioned. I am not getting these ID's in the log that is been forwarded in syslog. So how to include the Event ID seen in the console to the log that I receive that is been forwarded in syslog.
-
Actually I am planning to create new rules for Sonicwall VPN in Wazuh. Now I have created some rules tagging the priority level of the VPN. But I need to create the rules more specifically for that I need to get the event ID's. Currently the syslog that I receive does not contain the event ID of the sonicwall. So is it…