How to send device logs to SecuReporter
Zyxel Employee
SecuReporter is a security analytics portal that collects and analyzes logs from SecuReporter-licensed Zyxel Devices in order to identify anomalies, alert on potential internal / external threats, and report on network usage. The article explains what you need to configure on ATP/USG FLEX to make devices send logs to SecuReporter.
Configuration steps
The logs in SecuReporter > Analysis > Security Indicator and SecuReporter > Analysis > Network Activity are related to “Security Service".
There must be match rules for security services on the device to send data to SecuReporter.
Go to CONFIGURATION > Mgmt. & Analytics > SecuReporter > Categories and make sure these options are enabled.
Especially you need to select the profile and apply each security service feature on the policy rule to create logs for security features such as Web Content Filter, DNS Content Filter and App Patrol.
The logs in SecuReporter > Analysis > Traffic is related to traffic usage and security statistics.
Make sure the following options are enabled.
Note: The following data are displayed on SecuReporter when the device has “SecuReporter Premium” license.
The logs in SecuReporter > Analysis > Device is related to “Interface Statistics” and “CPU/Session”.
Make sure the following options are enabled.
Categories
- 8.5K All Categories
- 1.6K Nebula
- 72 Nebula Ideas
- 57 Nebula Status and Incidents
- 4.5K Security
- 227 Security Ideas
- 982 Switch
- 46 Switch Ideas
- 880 WirelessLAN
- 24 WLAN Ideas
- 5.1K Consumer Product
- 158 Service & License
- 280 News and Release
- 61 Security Advisories
- 13 Education Center
- 581 FAQ
- 263 Nebula FAQ
- 160 Security FAQ
- 76 Switch FAQ
- 75 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 62 About Community
- 46 Security Highlight