Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 25 subscribers
  • Views 9604 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is Kiwi Syslog service manager compatible?

domTon

I've configured the firewall to report to a syslog server but nothing comes through.  I've tried disabling the firewall on the desktop/server and still nothing is reported from the Sophos firewall.  I've also use the servers built in test message to verify it is working.

Server application: Kiwi syslog service manager

port: 514

Enabled all logging options under the syslog column

facility: user/daemon/local0/kernel (tried all)

information level: information/debug/alert



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    It should work, never tested Kiwi though. Can you take SSH to XG and capture tcpdump on port 514. Do you see packets forwarded from XG to the syslog server ?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    TCPDUMP was surprisingly easy to use.  I ran it and do see entries for port 514 though I can't tell if they are UDP or TCP.  Just to be sure, I set the port in Kiwi to both 514 udp and tcp and still I see nothing in Kiwi syslog.  I turned off the computer firewall.  I don't think it is an issue with Sophos.  I give up.

  • 0 in reply to domTon

    Hi,

    If you can check this document here. Try with different facility option available. Also, the Device will produce logs in the selected format. Currently, the device can only produce logs in its own standard format i.e. DeviceStandardFormat.


    Thanks

    P.S- there's hope :)

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply
  • 0 in reply to domTon

    Hi,

    If you can check this document here. Try with different facility option available. Also, the Device will produce logs in the selected format. Currently, the device can only produce logs in its own standard format i.e. DeviceStandardFormat.


    Thanks

    P.S- there's hope :)

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Children
Cookie Information Banner