Click here to expand

    Configuring the Syslog Service on SonicWall devices

    To configure the Syslog service on SonicWall devices, follow the steps below:

    1. Login to the SonicWall device as an administrator.
    2. Navigate to Log > Automation, and scroll down to Syslog Servers.
    3. Click on the Add button.

    Use a web browser to connect to the SonicWall management interface and login with your username and password.

    1. Click on the Log button on the left menu. This will open a tabbed window in the main display.
    2. Click on the Log Settings tab.
    3. Under Sending the Log, enter the IP address of the machine running the Kiwi Syslog Server into the field Syslog Server 1. If you are listening on a port other than 514, enter that value in the field Syslog server port 1.
    4. The Syslog ID must be firewall for the effective parsing of firewall logs.
    5. Under Automation, set the Syslog format to Enhanced Syslog.
    6. Under Categories > Log, check all the types of events that you would like to receive Syslog messages for.
    7. Click on the Update button.

    For SonicOS 6.5 and above:

    1. Login to the SonicWall device as an administrator.
    2. Click on Manage tab and expand Log Settings> SYSLOG
    3. Click Add under Syslog Servers.
    4. From the Add Syslog Server window, enter the IP address or host name of the Eventlog Analyzer server.
    5. Enter the port number and set the Server Type to Syslog.
    6. Set the Syslog format to Enhanced Syslog.
    7. The Syslog ID must be firewall for the effective parsing of firewall logs.
    8. Click OK to configure.

    A reboot of the SonicWall may be required for the new settings to take effect.

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       
    Get download link