Procedure
Define syslog server objects in SmartConsole.
- Connect with the SmartConsole
- From the left navigation panel, click Gateways and Servers
- Create the Hostobject that represents the Syslog server host
In the Object Explorer, click New > Host
Configure these fields:
Name - Enter a unique name
IPv4 address - Enter the correct IPv4 address of the syslog server
Click OK
- Create the Syslog Server object that represents the Syslog server:
In the Object Explorer, click New > Server > More > Syslog
Configure these fields:
Name - Enter a unique name
Host - Select an existing host or click New to define a new computer or appliance
Port - Enter the correct port number on the syslog server (default = 514)
Version - Select BSD Protocol
Click OK
Close the Object Explorer.
Connect with SmartConsole to the Management Server.
Select the configured syslog server objects in the Security Gateway / Cluster object.
1. Double-click the Security Gateway object
2. From the left tree, click Logs
3, In the Send logs and alerts to these log servers table, click the green (+) button to select the Syslog Server object(s) you configured earlier
4. Click OK
5. Install policy.
Configure the logging properties of the Security Gateways / each Cluster Member.
The fwsyslog_enable kernel parameter enables or disables the Syslog in Kernel feature on Security Gateways:
Value 0 = Disabled (default)
Value 1 = Enabled
You can enable or disable the Syslog in Kernel feature temporarily (until the Security Gateway reboots), or permanently (survives reboot).