[ATP/FLEX] How to configure remote Syslog server on Nebula?






Syslog is a protocol for message logging that Firewall uses to send event logs to a remote server for logging. On Firewall, Syslog can be used to log events such as Link status, system build-in service, security policy control, etc. A lot of different types of events can be logged. Logs are essential when troubleshooting issues. This example illustrates how to configure remote Syslog server on Nebula
Configurations
Navigate to Configure > Site settings and click Add in Reporting section.
Server IP: Enter the IP address of the Syslog server.
Types: Security Appliance traffic log/Security Application Log AP Log / Switch Log
AP traffic Log: Log traffic for APs in the site that have NAT mode enabled. You can also send the logs to a Syslog server, by selecting AP traffic log under Syslog server > Types.
SecuReporter: Turn it on to allow the NCC to send traffic logs to SecuReporter.
* Disable this option if you have configured sending of traffic logs to an external syslog server.
Note: It is unable to send syslog via VPN tunnels.
Verification
After completing the configuration, you are able to see logs sent from Firewall on Syslog server.
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 176 Nebula Ideas
- 118 Nebula Status and Incidents
- 6.1K Security
- 428 USG FLEX H Series
- 298 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 274 Service & License
- 419 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 89 Security Highlight