These instructions assume:
- The device is on version 6.5 or higher.
- The date, time and time zone are correctly set on the device.
- You have administrative access to the firewall.
- The IP address of your Auvik collector is known. You can find this in the Syslog > Summary tab in the Export Information column.
Configure syslog
- Log into the SonicWALL web admin console
- Click Manage
- Click Log Settings to expand the menu
- Click SYSLOG
- In the Syslog Servers section, click Add.
-
In the Add Syslog Server window
- On Name or IP Address, select Create New Address Object
-
Create an object for the Auvik collector IP.
- Name: A recognizable name such as “Auvik Collector”
- Zone Assignment: Typically X1, zone representing the network the Auvik collector is in.
- Type: Host
- IP Address: Enter the Auvik collector IP address
- Click OK.
-
On Name or IP address, select the newly created object.
- Set Port to 514
- Leave the remaining options as default
- Click OK.
- Click Accept.
A reboot of the SonicWall device may be required for the new settings to take effect.
For more information:
https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-a-syslog-server-on-a-sonicwall-firewall/170505984096810/