Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Configuring Syslogs from Sonicwall


Overview

We are providing you the steps to integrate your Sonicwall firewall with Seceon SIEM so that you can have a Comprehensive visibility and Proactive Threat Detection in your Environment. There will be a log transfer between your firewall to APE(Analytics and Policy Engine) via CCE (Collection and Control Engine ) . In this document we are guiding you the steps for Syslog forwarding.

Steps Of Configuration

To configure Syslog on SonicWall appliances, please follow the below steps: 

  • Login to the SonicWall device as admin. 
  • Go to Manage | Log Settings | SYSLOG
  • Click on the ‘Add’ button.

  • Select the name or IP addresses which are already present in the list or you can create a new address object which further opens a new link.
  • Specify the Name, Zone assignment, Host and IP address of the Syslog server in the IP address field and click ‘OK’ 
  • After a couple of seconds, the Syslog server should show the logs from the firewall

Verification


Go to the UI inside the System tab click on Logs Flow Collection Status you will find your device  added in the column Source Device IP Address(es).



Seceon Inc. All rights reserved. https://www.seceon.com