[ATP/FLEX] How to configure remote Syslog server on Nebula?






Syslog is a protocol for message logging that Firewall uses to send event logs to a remote server for logging. On Firewall, Syslog can be used to log events such as Link status, system build-in service, security policy control, etc. A lot of different types of events can be logged. Logs are essential when troubleshooting issues. This example illustrates how to configure remote Syslog server on Nebula
Configurations
Navigate to Site-wide > Configure > General settings and click Add in Reporting section.
Server IP: Enter the IP address of the Syslog server.
Types: Security Appliance traffic log/Security Application Log AP Log / Switch Log
AP traffic Log: Log traffic for APs in the site that have NAT mode enabled. You can also send the logs to a Syslog server, by selecting AP traffic log under Syslog server > Types.
SecuReporter: Turn it on to allow the NCC to send traffic logs to SecuReporter.
* Disable this option if you have configured sending of traffic logs to an external syslog server.
Note: It is unable to send syslog via VPN tunnels.
Verification
After completing the configuration, you are able to see logs sent from Firewall on Syslog server.
Categories
- 8K All Categories
- 1.6K Nebula
- 60 Nebula Ideas
- 55 Nebula Status and Incidents
- 4.5K Security
- 225 Security Ideas
- 976 Switch
- 47 Switch Ideas
- 803 WirelessLAN
- 20 WLAN Ideas
- 5.2K Consumer Product
- 140 Service & License
- 268 News and Release
- 53 Security Advisories
- 13 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 34 Nebula Monthly Express
- 72 About Community
- 44 Security Highlight