Remote syslog server settings

Options
edfosho
edfosho Posts: 2 image  Freshman Member
First Comment Friend Collector First Anniversary
edited April 2021 in Security

Hi,

I have configured and activated "Remote Server 1" in the Log Settings on my ATP800. Does it need a restart before sending logs?

I can't see any connections on my syslog server.

Ed

All Replies

  • Alfonso
    Alfonso Posts: 257 image  Master Member
    5 Answers First Comment Friend Collector Second Anniversary

    Hi @edfosho

    Welcome to the forum. Make yourself at home.


    Sorry for my stupid question, is your firewall policy allowing the syslog flow?


    Regards

  • edfosho
    edfosho Posts: 2 image  Freshman Member
    First Comment Friend Collector First Anniversary

    Hi @Alfonso

    Not a stupid question... does there need to be a rule on the ATP800 itself?

    It's not clear what IP interface on the ATP800 the syslog messages will be coming from.

    Ed

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,570 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @edfosho

    Welcome to Zyxel Community. 😀

    There is no need to restart device. Just click “Active” and fill in the syslog server IP.

    All the log items are disabled by default, you need to change to normal. 

    Enable log: Set to Normal at “CONFIGURATION > Log & Report > Log Settings > Remote Server 1”

    1.jpg


    Packets trace : After completion of the action above, you should be able to see the syslog packets sent out from ATP interface.

    CLI: packet-trace interface gex extension-filter port 514

    2.png


Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)