[ATP/FLEX] How to configure remote Syslog server on Nebula?

Options
Zyxel_Cooldia
Zyxel_Cooldia Posts: 1,474  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited June 2023 in Maintenance

Syslog is a protocol for message logging that Firewall uses to send event logs to a remote server for logging. On Firewall, Syslog can be used to log events such as Link status, system build-in service, security policy control, etc. A lot of different types of events can be logged. Logs are essential when troubleshooting issues. This example illustrates how to configure remote Syslog server on Nebula

Configurations

Navigate to Configure > Site settings and click Add in Reporting section.


Server IP: Enter the IP address of the Syslog server.

Types: Security Appliance traffic log/Security Application Log AP Log / Switch Log

AP traffic Log: Log traffic for APs in the site that have NAT mode enabled. You can also send the logs to a Syslog server, by selecting AP traffic log under Syslog server > Types.

SecuReporter: Turn it on to allow the NCC to send traffic logs to SecuReporter.

* Disable this option if you have configured sending of traffic logs to an external syslog server.

Note: It is unable to send syslog via VPN tunnels.

Verification

After completing the configuration, you are able to see  logs sent from Firewall on Syslog server.