Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

E-mail Log Automation

SamSam SonicWall Employee

I'm trying to configure E-mail Log Automation on my TZ600. SonicOS Enhanced 6.5.1.3-12n.

When I select HTML all I get are basically empty emails. When plain text I get lots of log dumps, and way too many. I have over 4000 emails in the past week. I did file ticket but didn't get much joy from that. I have Send Log set to weekly but seem to get it many times per day.

Under Base Setup I thought I set the email alerts

to 2x per day?

I've read the basic KB article but seems like I'm missing something.


My goal is to only get alerts on critical issues and a weekly log digest.

Any guidance would be appreciated.

Category: Entry Level Firewalls
Reply

Answers

  • [Deleted User][Deleted User] Cybersecurity Overlord ✭✭✭

    Hi @Sam ,

    Lovely picture of your dog!

    I have moved your post to the entry level firewalls category for our experts to answer for you.

  • SamSam SonicWall Employee

    Chris:

    Thank you! Much appreciated. Still trying to get the lay of the land.

    That is Daisy (rescue dog - part Shar Pei and Boxer). We have two - the other is Mia, part MinPin.

    They are best buddies!


  • KaranMKaranM Administrator

    Hello @Sam ,

    I trust you are safe and well!

    Can you please help me with the below:

    • What is the logging level and alert level set to?
    • What is the frequency of Send Events as E-mail Alerts set to?( for the categories you have enabled emails or for all the categories, in case individual categories are not configured.)


    Thank You

    Knowledge Management Senior Analyst at SonicWall.

  • Hello @Sam ,

    I hope you are doing well.

    Even if the logs are set to be sent weekly, once the log buffer is full, it is immediately sent to your email. You would need to make sure that the logs are enabled for the categories that you need information on.

    Please make sure that the logging level is not at Debug as it would generate a lot of logs that are only useful while troubleshooting a specific issue. It would be best to leave the logging level at Inform.

    You can also reduce the log redundancy based on the event counts under Log -> Settings where you see a very large number to generate fewer logs.

    You can set the alert level to alert/emergency and manually apply that logging level to the specific logs that you would like to receive immediately.

    I hope that helps!

    Thank you

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • KaranMKaranM Administrator

    Thankyou @shiprasahu93

    Knowledge Management Senior Analyst at SonicWall.

Sign In or Register to comment.