Remote Syslog FAQ
Table of Contents
Click an item to jump directly to that question.
1. How do I send syslog traffic from my NG Firewall to a syslog server?
This is done by enabling Syslog under Config > Events > Syslog. More information regarding the process including how to create Syslog Event rules can be found in the article below:
https://support.untangle.com/hc/en-us/articles/115012950828-How-to-Create-Syslog-Event-Rules
2. What syslog software does NG Firewall work with?
3. Why shouldn't I use the default syslog rule?
Syslog uses a considerable amount of resources when enabled. The resource usage increases with the amount of data being gathered and sent to a remote server. Our default rule, which is meant as nothing more than a placeholder and example for reference, has all classes selected so uses the most amount of resources. On devices that are already fairly busy this can cause performance issues.
4. Why do you provide a default rule if you do not recommend using it?
The default rule is meant as nothing more than a placeholder and example for reference.
5. Can I send syslog data to an offsite server or service?
Yes, you can send syslog data to any IP address that the NG Firewall is able to access.
Comments
0 comments
Please sign in to leave a comment.