Firewall Analyzer supports most of the versions of SonicWALL Firewall devices. Carry out the following configuration depending upon your requirement.
To get Live reports using Syslog
Enable 'default' (syslog) format in the SonicWALL firewall to get live reports using syslog
Configuring SonicWALL Logging Level
For more information, refer the SonicWALL documentation in the URL given below: http://help.mysonicwall.com/sw/jpn/2907/ui2/42600/Help/42_Log_Reporting.html
Whenever you create an access rule in the SonicWALL Firewall, ensure that 'Enable Logging' check box is selected for the particular rule. For more information refer the URL http://www.techrepublic.com/article/how-do-i-configure-firewall-security-on-a-sonicwall-device/6124340
Restart the SonicWALL appliance for the changes to take effect.
Configuring SonicWALL to get 'IPFIX with extension' flow information
Firewall Analyzer supports the IPFIX flow collection from SonicWALL devices. SonicWALL provides netflow with extended features called 'IPFIX with extension'. This flow support is available in SonicOS version 5.8 and above.
Note: If syslog is already being forwarded from SonicWALL device and if you configure IPFIX, the SonicWALL device will be added as a new device in Firewall Analyzer with Firewall's LAN IP address as device name.
IPFIX with Extensions Configuration Procedures
To configure IPFIX with extensions flow reporting, follow the steps listed below.
Note: After enabling to send the data and completing the configuration, ensure that you restart the SonicWALL firewall device. Only after restart, the device will send the data to the external collector (i.e., the Firewall Analyzer).
Whenever you create or edit an access rule in the SonicWALL Firewall, ensure that 'Enable Flow Reporting' check box is selected for the particular rule.