Follow

Remote Syslog FAQ

1. How Do I Send Syslog Traffic From My Untangle NGFW To A Syslog Server?

This is done by enabling Syslog under Config > Events > Syslog. More information regarding the process including how to create Syslog Event rules can be found in the article below:

https://support.untangle.com/hc/en-us/articles/115012950828-How-to-Create-Syslog-Event-Rules 

 

   

2. >What Syslog Software Does Untangle Work With?

Untangle can send data to any syslog server that is using standard syslog format and syntax. Some syslog products are easier to set up than others. Kiwi, a third-party syslog daemon, is a favorite of many Untanglers using Windows, while those on *nix can use rsyslog.

 

 

3. Why Shouldn't I Use the Default Syslog Rule?

 Syslog uses a considerable amount of resources when enabled. The resource usage increases with the amount of data being gathered and sent to a remote server. Our default rule, which is meant as nothing more than a placeholder and example for reference, has all classes selected so uses the most amount of resources. On devices that are already fairly busy this can cause performance issues.

 

 

4. Why Do You Provide a Default Rule If You Do not Recommend Using It?

  The default rule is meant as nothing more than a placeholder and example for reference. 

 

 

5. Can I Send Syslog Data To An Off-Site Server Or Service?

 Yes you can send syslog data to any IP address that the NGFW is able to access.

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk