Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Syslog server not receiving any logs from sonicwall

tejasreetejasree Newbie ✭
in Entry Level Firewalls

Hi!

following guide, added and enabled syslog server on the same LAN:

  1. Installed Rapid7 collector on the windows PC (the same LAN, firewall on this PC is off)
  2. Added Syslog Server on the SonicWall

Event profile 0

Name or IP address (my local PC where siem collector is installed)

Server type - Syslog Server

SyslogFormat - default

Syslog Facility - Local use 0

----------------------------------------------------------------------------------------------------

but have nothing on my syslog server.…. did I miss something?

I'll try to capture the packets facility on firewall. so, what should I configure
if logs are not generating from sonicwall itself?
and Generating logs from firewall but collector is not receiving them? We have enabled the required firewall rules too.

Thanks!

Category: Entry Level Firewalls
Reply

Answers

  • SonicInterpolUserSonicInterpolUser Newbie ✭

    Did you ever find a fix for this? I've been having the same issue. I opened a ticket and never got an answer from them. I setup a separate syslog server to verify that it wasn't an issue with the R7 collector and received the same results. This is a basic function that should be working. I don't understand why they are so reluctant to address this issue. It only seems to be impacting the newer generation firewalls. All the firewalls running v6.X firmware work fine. So it's not an issue with our syslog server.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭

    @tejasree

    Try with enhanced syslog instead of the default.

    image.png
Sign In or Register to comment.