Jump to:navigation, search
Wiki

Syslog

From Securepoint Wiki





notempty
Dieser Artikel bezieht sich auf eine nicht mehr aktuelle Version!

notempty
Der Artikel für die neueste Version steht hier

notempty
Zu diesem Artikel gibt es bereits eine neuere Version, die sich allerdings auf eine Beta-Version bezieht


















































Connection of the UTM to a syslog server

Last adaptation to the version: 12.2.2

New:
  • Note on UDP protocol at PRTG
notempty
This article refers to a Beta version


In the menu → Network →Appliance SettingsTab Syslog the connection of an UTM to a syslog server (syslogd) is configured.

Syslog settings

Syslog settings
Caption Value Description
Log the UTM hostname in the syslog messages: No In case of Yes activation the hostname is transmitted with
  • This setting is not compatible with the Securepoint Operation Center (SOC)

    • Syslog-Server

    Syslog-Server
    Add Syslog Server
    IP / Hostname: syslog.ttt-point.de IP address or host name of the syslog server.

    If more than one ip-address is assigned to the hostname while you are using Round Robin DNS, the syslog messages may be send to another server each time the service gets restarted. Additionally you won't be protected against DNS Spoofing anymore. Please make sure only one address is assigned to the hostname.

    Port 514 Default port for syslog messages
    Protocol udp Default protocol for syslog messages.
    Alternatively tcp can be selected here.
  • PRTG requires udp as protocol for syslog


    • Securepoint Operation Center (SOC)

    If a UTM is added as Node added in SOC, the data that must be entered here is displayed there.
    Message in SOC

    Paessler PRTG

    Paessler PRTG can be used to query the syslog data of a UTM.
    Configuration instructions can be found in a separate Wiki article.
    Dashboard PRTG


    Retrieved from "https://wiki.securepoint.de/index.php?title=UTM/NET/Syslog_v12.2.2&oldid=88246"