Best practices for storing and analyzing the firewall logs

xkp68
edited April 2021 in Security
Hello,
What are the best practices for storing and analyzing the firewall logs?
My impression is that in my ATP500 the internal log is able to store only 1024 records, and even if I have set up the USB internal storage, all I get is a series of daily log files that I'm unable to analyze from the firewall web interface.
So I'm considering the option of a syslog server, not only to store but to analyze the logs too.
For this reason I wonder if the community can suggest the most common and widely used syslog servers for this purpose, both free and commercial.
Any help and suggestions will be greatly appreciated.
Thanks in advance,
Filippo

All Replies

  • Zyxel_Jeff (Zyxel Employee)
    Hi @xkp68

    Or you can consider adopting SecuReporter, which provides a cloud-based visualization interface to help you monitor your devices in a more convenient way.


  • xkp68
    Hi Jeff,
    thanks for your answer.
    Unfortunately it is mandatory for me not to use a cloud-based solution; this is why I'm asking for alternatives. As a matter of fact, the ATP500 is able to manage up to 4 remote servers for logging, so I hope someone here uses this feature.
  • jasailafan
    @xkp68
    Follow the steps in scenario 5 to send the logs to a syslog server.
    ftp://ftp2.zyxel.com/UAG4100/application_note/UAG4100_1.pdf
