Connection of the UTM to a syslog server
Last adaptation to the version: 12.6.0
New:
- Own Securepoint format for syslog server
- Note on UDP protocol at PRTG
- Updated to Redesign of the webinterface
This article refers to a Resellerpreview
Syslog settingsSyslog settings
| |||
| The connection of the UTM is configured on a syslog server (syslogd). | |||
| Caption | Value | Description | UTMuser@firewall.name.fqdnNetwork 
|
|---|---|---|---|
| Log the UTM hostname in the syslog messages: | No | In case of Yes activation the hostname is transmitted with | |
Syslog-ServerSyslog-Server | |||
| IP / Hostname: | syslog.ttt-point.de | IP address or host name of the syslog server. notempty If more than one ip-address is assigned to the hostname while you are using Round Robin DNS, the syslog messages may be send to another server each time the service gets restarted. Additionally you won't be protected against DNS Spoofing anymore. Please make sure only one address is assigned to the hostname.
| |
| Port: | 514 |
Default port for syslog messages | |
| Protocol | Default protocol for syslog messages. Alternatively can be selected here. | ||
The Securepoint appliance uses an rfc5424-based protocol format. Alternatively, the following template can be used for syslog servers. This template is automatically recognized by some syslog servers, but must be entered manually for others. template rfc5424_and_116_compat_format {template("<${PRI}>1 ${ISODATE} - ${PROGRAM} $(or ${PID} '-') - - ${MSG}\n");}; | |||
Securepoint Operation Center (SOC)
notempty
The SOC was discontinued on 31.07.2022 and is not compatible with the UTM from v12.6.0.
Paessler PRTG
| Paessler PRTG can be used to query the syslog data of a UTM. Configuration instructions can be found in a separate Wiki article. |
 |