Syslog CEF format - SMA 8200v

We are using Azure Sentinel, which requires syslog to be in CEF format. I'm not finding anything for formatting syslog on the appliance GUI. Is there a way to change the format of syslog output from the 8200v appliances? Our security team will replace the SMAs before they replace the SIEM.


Thanks

Scott

Category: Secure Mobile Access Appliances

Answers

  • Skumar SonicWall Employee

    Hi @Shultis,

    We are reviewing your requirement. We shall have this thread updated.

  • Skumar SonicWall Employee

    Hi @Scott,

    As of now, this would be a feature request. To get this feature into the product line, we would request you to open a support request. Once we have the support request, our support team would raise a feature request with Product Management for further review.

  • Doug_Daniel Newbie ✭

    Shultis,

    We are considering Azure Sentinel as a SIEM and I was surprised to hear of the CEF requirement. I am not convinced that Azure Sentinel cannot ingest raw syslog, but I am not currently using it and am no expert.

    See what you think from this link: https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-the-connectors-grand-cef-syslog-direct-agent/ba-p/803891

    That said, I would second the request that the SMA 1000 series support CEF directly.

    Thanks - I will follow this thread.
