Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Configuration perspective, select Setup > Reporting Settings > Syslog.

  1. Do one of the following:

  • To enable the syslog feature, select the 

Enable Syslog checkbox.

  • To disable the syslog feature, clear the 

Enable Syslog checkbox.
Default: Enabled

  1. Do one of the following:

  • To add an entry, click the (

Add) button.

  • To modify an entry, double-click the entry in the table.

4.Configure the parameters,andthen,click Submit.

  

Parameter

Description

Enable Syslog Server

Specifies whether the syslog server is enabled.
Default: Enabled
 
Note: The device sends syslog messages using UDP. That is, the device sends syslog messages with no verification of message delivery. The Status is N/R in the DefensePro Syslog Monitor (Monitoring perspective
> Resource Utilization tab > Syslog Monitor).

Syslog Server

The IP address or hostname of the device running the syslog service
(syslogd).

Source Port

The syslog source port.
Default: 514
 
Note: Port 0 specifies a random port.

Destination Port

The syslog destination port.
Default: 514

Facility

The type of device of the sender. This is sent with syslog messages. You
can use this parameter to distinguish between different devices and define rules that split messages.
Values:

  • Authorization Messages                 •    Local 6

  • Clock Daemon                               •    Local 7

  • Clock Daemon2                             •    Log Alert

  • FTP Daemon                                  •    Log Audit

  • Kernel Messages                           •    Mail System

  • Line Printer Subsystem                 •    Network News Subsystem

  • Local 0                                           •    NTP Daemon

  • Local 1                                           •    Syslogd Messages

  • Local 2                                           •    System Daemons

  • Local 3                                           •    User Level Messages

  • Local 4                                           •    UUCP

  • Local 5

Default: Local Use 6


To configure syslog settings via CLI
 

  1. Enable the global status of Syslog, run the command : 

manage syslog global-status set 1

Configure the syslog servers using the command : manage syslog destinations add <Syslog Server>  <-switch value>
 
Available Switches:
 
        -s    :  Syslog Server Operational Status
                         (1) Enabled
                         (2) Disabled
 
        -sp   :  Syslog Server Source Port
 
        -dp   :  Syslog Server Destination Port
 
        -f    :  Syslog Server Facility
 
    (0) Kernel Messages
                (1) User Level Messages
                (2) Mail System
                (3) System Daemons
                (4) Authorization Messages
                (5) Syslogd Messages
                (6) Line Printer Subsystem
                (7) Network News Subsystem
                (8) UUCP
                (9) Clock Daemon
                (10) Security Messages
                (11) FTP Daemon
                (12) NTP Daemon
                (13) Log Audit
                (14) Log Alert
                (15) Clock Daemon2
                (16) Local Use 0
                (17) Local Use 1
                (18) Local Use 2
                (19) Local Use 3
                (20) Local Use 4
                (21) Local Use 5
                (22) Local Use 6
                (23) Local Use 7
 
 
        -p    :  Syslog Server Protocol
 
(1) UDP Protocol
                        (2) TCP Protocol
                        (3) TLS Protoco
 
 
        -c    :  Syslog Server CA Certificate
 
        -sss  :  Syslog Security Sending
           
(1) Enabled
            (2) Disabled
 
        -shs  :  Syslog Health Sending
 
(1) Enabled
            (2) Disabled
 
        -suas :  Syslog User Audit Sending
 
(1) Enabled
             (2) Disabled
 
 
Example : manage syslog destinations add 10.20.30.141 -s 1 -dp 514 -f 22 -p 1 -sss 1 -shs 1 -suas 1
 
 

  1. To view the configured syslog servers, run the command : 

manage syslog destinations get
 
 
To configure syslog settings via Web UI

  1. Login into the web UI

  2. Go to Services > Syslog Reporting

 Choose Enable under the Syslog Operation menu

  1. Click on Create to add a new syslog destination server

Reference:

https://support.radware.com/app/answers/answer_view/a_id/19907/~/configuring-defensepro-syslog-settings

  • No labels

Seceon Inc. All rights reserved. https://www.seceon.com