NetScreen Firewall

NetScreen Firewall

Enable Syslog Messages and Disable WebTrends Messages using the NetScreen Administration Tools Console 

  1. Log in to the NetScreen GUI.

  2. Click Configuration> Report Settings> Syslog in the left pane of the NetScreen GUI.

  3. Select the Enable Syslog Messages check box.

  4. Select the Trust Interface as Source IP for VPN and Include Traffic Log check box.

  5. Type the IP address of the “Log Collector” and syslog port (514) in the Syslog Host Name / Port text box.

  6. All other fields will have default values.

  7. Click Apply to save the changes.

  8. Click Configuration> Report Settings> WebTrends in the left pane of the NetScreen GUI

  9. Clear the Enable WebTrends Messages check box.

  10. Click Apply to save the changes.

To configure Syslog, perform the following steps:

  1. Open the WebUI.

  2. From the ScreenOS console menu, click Configuration, select Report Settings, and then click Syslog.

  1. From the Syslog page, click to select Enable Syslog Messages.

Note:

From the 'Source interface' drop-down menu, select the interface from which syslog packets are sent.

  1. Enter the necessary information for each syslog server you are adding. Syslog messages can be sent to up to 4 designated syslog servers. 

  • Enable: Select this option to enable the syslog server.

  • IP/ Hostname: The IP address of the “Log Collector”..

  • Port: In the Port field, enter the port the server uses for syslog messages. Please check Appendix A for default port list.

  • Security Facility: The security facility, which classifies and sends security specific messages to the syslog host.

  • Facility: The regular facility, which classifies and sends all other messages for events unrelated to security.

  • Event Log: Select this option to send event log entries to the syslog host.

  • Traffic Log: Select this option to send traffic log entries to the syslog host.

  1. Click APPLY to save the syslog configuration. 

Caution:

Uncheck the TCP option. This will make the firewall to send syslogs in the configured UDP port.

Configure/Enable Syslog Messages for Netscreen Firewall device using CLI Console:

Execute the following commands to configure syslog via CLI: 

set syslog config 192.168.1.2 set syslog config 192.168.1.2 facilities local0 local0 set syslog config 192.168.1.2 log traffic set syslog src-interface <<interface name>> set syslog enable

NOTE: The difference between “security facility” and “facility” is that “security facility” is specific for logging of security related events. Facility logs all other events.

PreviousCisco VPN ConcentratorNextConfigure/Enable Syslog Messages for Netscreen Firewall device using CLI Console:

Last updated