Home » Configuring Firewalls » Configuring Sidewinder

Configuring Secure Computing Sidewinder


Firewall Analyzer supports Sidewinder G2.

Configuring Sidewinder To Send Audit Data To Firewall Analyzer

  1. Open /etc/sidewinder/auditd.conf
  2. Add the following line at the end of the file, to configure syslog to use the Sidewinder Export Format (SEF):
    syslog (local0 filters[“NULL”] sef)

    You can use ‘local0’ through ‘local7’ as names for the facility; they are predefined in syslogd.

  3. Save the configuration and exit the editor.
  4. Open /etc/syslog.conf
  5. Append local0.* @<server_name> at the end, where facility local0 matches the facility mentioned in step 2 and <server_name> is the name of the machine where Firewall Analyzer is running.
  6. Save the configuration and exit the editor.
  7. Look up syslog’s process ID by entering the following command:
    pss syslog
  8. Implement the changes by restarting the syslogd and auditd processes, using the following two commands:
    kill -HUP <syslog process ID>
    cf server restart auditd

The Sidewinder G2 will now send audit data to Firewall Analyzer.

Copyright © 2014, ZOHO Corp. All Rights Reserved.