cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
451
Views
0
Helpful
5
Replies

Firewall Logs

bericaleb
Level 1
Level 1

I've configured logging on our Firewall with the following configs.

logging on

logging timestamp

logging console alerts

logging monitor debugging

logging buffered warnings

logging trap debugging

logging facility 23

logging device-id hostname

logging host inside xx.xx.xx.xx 17/1514

logging host inside xx.xx.xx.xy

I'm using Solarwinds Syslog Server to retrieve the logs but can't see anything from the Firewall. THe syslog server is on our internal network and is configured to monitor the inside interface of our firewall. Why am I not able to view the logs? Pls help me.

5 Replies 5

Collin Clark
VIP Alumni
VIP Alumni

I see you have two hosts your sending syslog to, is it working on the other box? Is the solarwinds box x.x.x.x or x.x.x.y?

We have two hosts that should be able to receive the messages. The solarwinds box x.x.x.x is the one I want the logs to sent to as Syslog server is installed on this box.

In your original post, x.x.x.x sends syslog on port 1514, do you have SW setup to receive syslog on that port?

There was another monitoring tool that we were using called the Firewall Analyzer but it is no longer used. This software was setup to receive messages on the specified port.

You can try with kiwi, also make sure that you have connectivity between those to host and the FW, for example from the firewall try to ping the two hosts if you get a timeout you will need to correct that before start sending syslogs.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: