Configure Secure Computing Sidewinder Firewalls


    Firewall Analyzer supports Sidewinder G2. 

    Configure Sidewinder To Send Audit Data To Firewall Analyzer

    1. Open /etc/sidewinder/auditd.conf
    2. Add the following line at the end of the file, to configure syslog to use the Sidewinder Export Format (SEF):

      syslog (local0 filters["NULL"] sef)

    You can use ‘local0’ through ‘local7’ as names for the facility; they are predefined in syslogd.

    3. Save the configuration and exit the editor.
    4. Open /etc/syslog.conf
    5. Append local0.* @<server_name> at the end, where facility local0 matches the facility mentioned in step 2 and <server_name> is the name of the machine where Firewall Analyzer is running.
    6. Save the configuration and exit the editor.
    7. Look up syslog’s process ID by entering the following command:

      pss syslog

    8. Implement the changes by restarting the syslogd and auditd processes, using the following two commands:

      kill -HUP <syslog process ID>

      cf server restart auditd

    The Sidewinder G2 will now send audit data to Firewall Analyzer.
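
A pre-restart check for the procedure above, as an added example that is not part of the original page or the vendor's tooling: it confirms that the facility named on the SEF line in auditd.conf has a matching forwarding rule in syslog.conf. The function names, the sample host fwa.example.com and the line patterns (modelled on the two lines shown above) are assumptions.

```shell
#!/bin/sh
# Added example (not vendor code). Patterns assume the two line forms shown in
# the procedure: syslog (localN filters["NULL"] sef)  and  localN.* @host

# Print the facility named on the last active SEF syslog line of auditd.conf.
sef_facility() {
    sed -n 's/^[[:space:]]*syslog[[:space:]]*([[:space:]]*\(local[0-7]\)[[:space:]].*sef[[:space:]]*).*/\1/p' "$1" | tail -n 1
}

# Print the host that syslog.conf forwards "<facility>.*" to, if any.
forward_target() {
    sed -n "s/^[[:space:]]*$1\.\*[[:space:]][[:space:]]*@\([^[:space:]#]*\).*/\1/p" "$2" | tail -n 1
}

# Usage: check_sef_forwarding <auditd.conf> <syslog.conf>
# Returns 0 on a match, 1 if the facility is not forwarded, 2 if no SEF line.
check_sef_forwarding() {
    fac=$(sef_facility "$1")
    [ -n "$fac" ] || { echo "no SEF syslog line in $1"; return 2; }
    host=$(forward_target "$fac" "$2")
    [ -n "$host" ] || { echo "$fac is exported by auditd but not forwarded in $2"; return 1; }
    echo "$fac -> $host"
}

# Constructed sample files, so the check can be tried off the firewall.
demo_dir=$(mktemp -d)
printf '%s\n' '# audit export' 'syslog (local0 filters["NULL"] sef)' > "$demo_dir/auditd.conf"
printf '%s\n' '*.err /var/log/messages' 'local0.* @fwa.example.com' > "$demo_dir/syslog.conf"
check_sef_forwarding "$demo_dir/auditd.conf" "$demo_dir/syslog.conf"
```

On the firewall, the same function can be pointed at /etc/sidewinder/auditd.conf and /etc/syslog.conf before the restart step; a non-zero return means audit data would be exported to a facility that is never forwarded.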
