How to send device logs to SecuReporter
Zyxel Employee
SecuReporter is a security analytics portal that collects and analyzes logs from SecuReporter-licensed Zyxel Devices in order to identify anomalies, alert on potential internal / external threats, and report on network usage. The article explains what you need to configure on ATP/USG FLEX to make devices send logs to SecuReporter.
Configuration steps
The logs in SecuReporter > Analysis > Security Indicator and SecuReporter > Analysis > Network Activity are related to “Security Service".
There must be match rules for security services on the device to send data to SecuReporter.
Go to CONFIGURATION > Mgmt. & Analytics > SecuReporter > Categories and make sure these options are enabled.
Especially you need to select the profile and apply each security service feature on the policy rule to create logs for security features such as Web Content Filter, DNS Content Filter and App Patrol.
The logs in SecuReporter > Analysis > Traffic is related to traffic usage and security statistics.
Make sure the following options are enabled.
Note: The following data are displayed on SecuReporter when the device has “SecuReporter Premium” license.
The logs in SecuReporter > Analysis > Device is related to “Interface Statistics” and “CPU/Session”.
Make sure the following options are enabled.
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 145 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 239 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight