Best practices for storing and analyzing the firewall logs

xkp68 Posts: 26  Freshman Member
edited April 2021 in Security
Hello,
what are the best practices for storing and analyzing the firewall logs?
My impression is that in my ATP500 the internal log is able to store only 1024 records, and even though I have set up the USB internal storage, all I get is a series of daily log files that I'm unable to analyze from the firewall web interface.
So I'm considering the option of a syslog server, not only to store but to analyze the logs too.
For this reason I wonder if the community can suggest the most common and widely used syslog servers for this purpose, both free and commercial.
Any help and suggestions will be greatly appreciated.
Thanks in advance,
Filippo

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,039  Zyxel Employee
    Hi @xkp68

    Or you can consider adopting SecuReporter, which provides a cloud-based visualization interface to help you monitor your devices in a more convenient way.
  • xkp68
    xkp68 Posts: 26  Freshman Member
    Hi Jeff,
    thanks for your answer.
    Unfortunately it is mandatory for me not to use a cloud-based solution, which is why I'm asking for an alternative. As a matter of fact, the ATP500 is able to manage up to 4 remote servers for logging, so I hope someone here uses this feature.
  • jasailafan
    jasailafan Posts: 189  Master Member
    @xkp68
    Follow the steps in scenario 5 to send the logs to a syslog server.
    ftp://ftp2.zyxel.com/UAG4100/application_note/UAG4100_1.pdf