Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Answers 3 answers
  • Subscribers 28 subscribers
  • Views 16460 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sending Logs to IView Server

Navar Holmes

Under "System Services" is Log Settings.

What are the correct setting to send log to our IVEW 2 server.

My iview server appears to be only getting part of the logs.

What I have.

Port:514

Facility: DAEMON

Severity: Debug

Format: Device Standard Format.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Navar ,

    As per Luk , check the KB article. Also make sure your Iview server is up and running 24/7 . If you system is off for a day or two you would not retrieve the logs for that day . Also you may check the communication of the Iview and XG by checking on console.

    console>tcpdump 'port 514

  • 0 in reply to Aditya Patel

    After working with support for almost two hours all of the settings on both the XG and the Iview look correct.

    We found that there is a 2 hour lag between XG logs and Iview logs.

    Also Iview will only show a detailed report.  The summary report is blank.

    Also Iview under the Main Dashboard only shows "Blocked Traffic".  "Allowed Traffic" is blank and doesn't list the XG device.

Reply
  • 0 in reply to Aditya Patel

    After working with support for almost two hours all of the settings on both the XG and the Iview look correct.

    We found that there is a 2 hour lag between XG logs and Iview logs.

    Also Iview will only show a detailed report.  The summary report is blank.

    Also Iview under the Main Dashboard only shows "Blocked Traffic".  "Allowed Traffic" is blank and doesn't list the XG device.

Children