[ATP/FLEX] How to configure remote Syslog server on Nebula?

Zyxel_Cooldia
Zyxel_Cooldia Posts: 1,046
Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
 Guru Member
edited September 1 in Maintenance

Syslog is a protocol for message logging that Firewall uses to send event logs to a remote server for logging. On Firewall, Syslog can be used to log events such as Link status, system build-in service, security policy control, etc. A lot of different types of events can be logged. Logs are essential when troubleshooting issues. This example illustrates how to configure remote Syslog server on Nebula

Configurations

Navigate to Site-wide > Configure > General settings and click Add in Reporting section.


Server IP: Enter the IP address of the Syslog server.

Types: Security Appliance traffic log/Security Application Log AP Log / Switch Log

AP traffic Log: Log traffic for APs in the site that have NAT mode enabled. You can also send the logs to a Syslog server, by selecting AP traffic log under Syslog server > Types.

SecuReporter: Turn it on to allow the NCC to send traffic logs to SecuReporter.

* Disable this option if you have configured sending of traffic logs to an external syslog server.

Note: It is unable to send syslog via VPN tunnels.

Verification

After completing the configuration, you are able to see  logs sent from Firewall on Syslog server.