Manage Syslog Servers in Firewall Analyzer

    The Syslog Server page lets you manage the various virtual syslog servers set up to receive exported logs at different ports.

    The default listener port for the syslog server in Firewall Analyzer is 1514. If your firewalls are exporting log files to either of these ports, you do not have to set up any virtual syslog servers.

    The Syslog Servers table shows the various virtual syslog servers set up so far, along with their IP address, listener port, and status. You can delete a virtual syslog server by clicking the Delete icon. Once a virtual syslog server is deleted, the corresponding listener port is also freed. You can also stop the syslog collection by clicking the Stop icon and restart the syslog collection by clicking on the Restart icon.

    Adding a New Syslog Server

    The Add Syslog Server box lets you add a new virtual syslog server and begin listening on a new port for exported log files.

    • Enter a unique Profile Name for the new virtual syslog server
    • Enter the listener port in the Port field 
    • Click Save to add this virtual syslog server, and begin listening for log files at the specified port.

    Live Packet Count

    The number of packets received from each device sending syslogs to the server. For troubleshooting, admin users can view the cumulative flow rate of logs received by Firewall Analyzer at the syslog listening ports from all the configured firewalls and last syslog processed time.

    Live syslog Viewer

    This will give the live syslog details i.e., Source IP, and syslog information. Use Stop Refresh button to pause and Start Refresh to view syslogs.