Remote syslog server settings

edfosho
edfosho Posts: 2
First Comment Friend Collector First Anniversary
edited April 2021 in Security

Hi,

I have configured and activated "Remote Server 1" in the Log Settings on my ATP800. Does it need a restart before sending logs?

I can't see any connections on my syslog server.

Ed

All Replies

  • Alfonso
    Alfonso Posts: 257
    5 Answers First Comment Friend Collector Second Anniversary
     Master Member

    Hi @edfosho

    Welcome to the forum. Make yourself at home.


    Sorry for my stupid question, is your firewall policy allowing the syslog flow?


    Regards

  • edfosho
    edfosho Posts: 2
    First Comment Friend Collector First Anniversary

    Hi @Alfonso

    Not a stupid question... does there need to be a rule on the ATP800 itself?

    It's not clear what IP interface on the ATP800 the syslog messages will be coming from.

    Ed

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,102
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member

    Hi @edfosho

    Welcome to Zyxel Community. 😀

    There is no need to restart device. Just click “Active” and fill in the syslog server IP.

    All the log items are disabled by default, you need to change to normal. 

    Enable log: Set to Normal at “CONFIGURATION > Log & Report > Log Settings > Remote Server 1”

    1.jpg


    Packets trace : After completion of the action above, you should be able to see the syslog packets sent out from ATP interface.

    CLI: packet-trace interface gex extension-filter port 514

    2.png


Categories

Security Highlight


Read more

Security Help Center

  • FAQ
  • New & Release
  • Monthly Express
  • Threat Intelligence
  • Video Tutorials
    • EnglishTiếng ViệtРусскийไทย中文(台灣)