Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Analytics On-Premise - SYSLOG or IPFIX? What is best?

Hi!

Analytics - SYSLOG or IPFIX?

Is one of them better? What is the difference to have one or the other?

Category: Firewall Management and Analytics
Reply

Answers

  • Mr_KlaatuMr_Klaatu SonicWall Employee


    Hello Sebastian, above is a link that describes the difference between Syslog and IPFIX with a special reference to SonicWall, from Plixer

  • Hi @Mr_Klaatu

    Thanks for the article. Very useful.

  • prestonpreston All-Knowing Sage ✭✭✭✭

    @SEBASTIAN , I would ask your SonicWall SE as there is a table with the side by side differences on, in my experience the Syslog gives you more options if you want to report on users activities and you can create custom reports. even though it is not live like the IPFiX it is only a couple of minutes out usually, depending on the sever resources and the amount of Syslogs being sent to it to process.

  • It would be great if Sonicwall writes a KB that contains this information.

    We know IPFIX and SYSLOG licenses exist, but, what is the difference between them?

    I remember user and VPN traffic is not available from one of them.


    Anyway, Sonicwall, please, is a KB possible?

  • Mr_KlaatuMr_Klaatu SonicWall Employee

    @SEBASTIAN Our KB's are more focused on specific configuration/troubleshooting scenarios and may not have theoretical overview of the feature/technology, however we have the documentation for what you are looking in the form of getting started guides with respect to our Analytics product. Here is a link to the getting started guide with the information that you are looking for:-

    https://www.sonicwall.com/techdocs/pdf/on-premises-analytics-getting-started-guide.pdf

    • Page 4/43 discusses the general differences between Syslog vs IPFIX based reporting
    • Page 20/43 'Overview of Syslog-Based Analytics' discusses the possible reporting features when using Syslog
    • Page 25/43 'Overview of IPFIX-Based Analytics' discusses the possible reporting features when using IPFIX
Sign In or Register to comment.