Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Syslog configuratoin with wazuh

cyber_monkeycyber_monkey Newbie ✭
edited February 29 in Entry Level Firewalls

Hi all,

I'm trying to configure syslogs to send to my wazuh SIEM server. However I'm not having any luck. I've reached out to wazuh support for help on their end, but I think i need information on the format of syslogs in order to decode the input for wazuh's usage.

Does anyone know the format of the syslogs as they send over? Anyone know where I can look?

Category: Entry Level Firewalls
Reply
Tagged:

Best Answers

  • CORRECT ANSWER
    cyber_monkeycyber_monkey Newbie ✭
    Answer ✓

    Turns out the logging level wasn't high enough. I changed it to warning instead of emergency. I am indeed receiving packets to my VM now. I just need to work on the other side to make sure it's handling them properly.

  • CORRECT ANSWER
    ArkwrightArkwright Community Legend ✭✭✭✭✭
    Answer ✓

    Bear in mind that every event type can be configured differently for frequency of logging.

Answers

Sign In or Register to comment.