Sonicwall Integration syslog to Elastic SIEM
Fansa Newbie ✭
I have a question regarding the integration to Elastic...
In this case, all logs from the firewall have to be forwarded to Elastic SIEM, and I believe a Sonicwall mid-range model such as the NSa 3700 can integrate with Elastic SIEM (https://docs.elastic.co/en/integrations/sonicwall).
- What kind of format is needed for integration to Elastic SIEM?
- To configure that, can we reference this link? https://www.sonicwall.com/techdocs/pdf/management-services-system-log.pdf
- If you guys have documentation regarding this integration, can you send it to me for my reference?
Category: Mid Range Firewalls
@Fansa the documentation you linked to is appropriate to configure the firewall's syslog to your external location.
In terms of format needed? That is not something anyone in the forum can answer. Only you know why you are collecting this data and the purpose(s) it serves.
Suggest you follow the guide, set up the appropriate values and see the results in your SIEM - you can always delete the data and start over.