Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 787 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

wrong / missing hostname in syslog, bug ?

StefanS

Hi there,
we are currently sending all XG logs to our SIEM via syslog.
 We have to determine, that the actual hostname of the FW is not transmitted correctly.

<30>device="SFW" date=2020-05-18 time=14:38:57 timezone="CEST" device_name="XG230" device_id=1234567890123456

The correct firewall hostname is not contained in either "device" or "device_name".
 Should that be so or a bug ?

regards
StefanS



This thread was automatically locked due to age.
Parents
  • 0

    Hello StefanS,

    Thank you for contacting the Sophos Community.

    What SIEM are you using?

    07-07-2020 15:20:20 Daemon.Info 192.168.15.254 device="SFW" date=2020-07-07 time=15:20:19 timezone="PDT" device_name="XG115" device_id=S12345678910111

    I would actually need to confirm but I think this is expected. 

    Regards,

Reply
  • 0

    Hello StefanS,

    Thank you for contacting the Sophos Community.

    What SIEM are you using?

    07-07-2020 15:20:20 Daemon.Info 192.168.15.254 device="SFW" date=2020-07-07 time=15:20:19 timezone="PDT" device_name="XG115" device_id=S12345678910111

    I would actually need to confirm but I think this is expected. 

    Regards,

Children
No Data