Skip to content

Syslog Integration

Once configured, all existing and new Valtix Gateways using the defined Syslog Profile will send selected Flow Logs, Firewall Events or HTTPS Logs to your Syslog server with the configuration options selected.

In order to complete the steps in this guide, you will need:

A Syslog server IP Address and Port

Create a Syslog Profile

  1. Navigate to Manage -> Profiles -> Log Forwarding
  2. Click Create
  3. Profile Name - Enter unique name for the integration. Example valtix-syslog Note: Spaces are not permitted.
  4. Description (optional) - Enter a description for the integration
  5. SIEM Vendor - Using the pulldown, choose Syslog
  6. Server IP - Enter the Syslog server IP Address. Example 52.67.3.54
  7. Protocol - UDP is the default. Npte: This the only supported protocol currently.
  8. Port - Enter the Syslog listening port number.
  9. Format - IETF is the default. Npte: This the only supported format currently.
  10. Flow Logs - Click Yes or No to forward Flow Logs using this profile.
  11. Firewall Events - Click Yes or No to forward Firewall Events using this profile.
  12. HTTPS Logs - Click Yes or No to forward HTTPS Logs using this profile.
  13. Network Threats - Using the pulldown,select a Severity level to forward.
    • Options are: Emergency Alert Critical Error Warning Notice Info Debug
  14. Web Attacks - sing the pulldown,select a Severity level to forward
    • Options are: Emergency Alert Critical Error Warning Notice Info Debug
  15. Click Save