Sonicwall Integration syslog to Elastic SIEM

Hi all,


I have a question regarding the integration to Elastic...

In this case, all logs from the firewall have to be forwarded to Elastic SIEM, and I believe SonicWall mid-range models such as the NSa 3700 can integrate with Elastic SIEM (https://docs.elastic.co/en/integrations/sonicwall).

The questions are:

  1. What kind of format is needed for integration with Elastic SIEM?
  2. To configure that, can we reference this link? https://www.sonicwall.com/techdocs/pdf/management-services-system-log.pdf
  3. If you guys have documentation regarding this integration, can you send it to me for my reference?


Cheers,

Fansa

Category: Mid Range Firewalls

Answers

  • LarryLarry All-Knowing Sage ✭✭✭✭

    @Fansa the documentation you linked to is appropriate to configure the firewall's syslog to your external location.

    In terms of format needed? That is not something anyone in the forum can answer. Only you know why you are collecting this data and the purpose(s) it serves.

    Suggest you follow the guide, set up the appropriate values and see the results in your SIEM - you can always delete the data and start over.
