How to send device logs to SecuReporter

Zyxel_Kevin Posts: 755  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited September 2022 in Other Topics

SecuReporter is a security analytics portal that collects and analyzes logs from SecuReporter-licensed Zyxel Devices in order to identify anomalies, alert on potential internal / external threats, and report on network usage. The article explains what you need to configure on ATP/USG FLEX to make devices send logs to SecuReporter.

Configuration steps

The logs in SecuReporter > Analysis > Security Indicator and SecuReporter >  Analysis > Network Activity are related to “Security Service".

There must be match rules for security services on the device to send data to SecuReporter.

Go to CONFIGURATION > Mgmt. & Analytics > SecuReporter > Categories and make sure these options are enabled.

Especially you need to select the profile and apply each security service feature on the policy rule to create logs for security features such as Web Content Filter, DNS Content Filter and App Patrol.

The logs in SecuReporter >  Analysis >  Traffic is related to traffic usage and security statistics.

Make sure the following options are enabled.

Note: The following data are displayed on SecuReporter  when the device has “SecuReporter Premium” license.

The logs in SecuReporter > Analysis >  Device is related to “Interface Statistics” and “CPU/Session”.

 Make sure the following options are enabled.