-
Notifications
You must be signed in to change notification settings - Fork 57
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
2b2bfe4
commit 6894238
Showing
2 changed files
with
38 additions
and
0 deletions.
There are no files selected for viewing
37 changes: 37 additions & 0 deletions
37
docs/xdr/features/collect/integrations/network/sonicwall_sma.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| uuid: 622999fe-d383-4d41-9f2d-eed5013fe463 | ||
| name: SonicWall SMA | ||
| type: intake | ||
|
|
||
| ## Overview | ||
|
|
||
| SonicWall Secure Mobile Access offers secure and seamless remote access to corporate resources, applications, and data, enhancing workforce mobility while maintaining robust security and compliance measures. | ||
|
|
||
| {!_shared_content/operations_center/detection/generated/suggested_rules_622999fe-d383-4d41-9f2d-eed5013fe463_do_not_edit_manually.md!} | ||
|
|
||
| {!_shared_content/operations_center/integrations/generated/622999fe-d383-4d41-9f2d-eed5013fe463.md!} | ||
|
|
||
| ## Configure | ||
|
|
||
| This setup guide will show you how to forward your SonicWall SMA logs to Sekoia.io by means of a syslog transport channel. | ||
|
|
||
| ### Prerequisites | ||
|
|
||
| - Must have GMS server or On-Prem Analytics server installed and configured. | ||
| - Have an Address Object Created on the Firewall for SonicWall Analytics system. | ||
| - Have an internal log concentrator (Rsyslog) | ||
|
|
||
| ### Enable Syslog forwarding for SonicWall SMA | ||
|
|
||
| 1. Log in to the SonicWall SMA appliance’s management interface | ||
| 2. Go to `Log > Settings` | ||
| 3. In the Log & Alert levels section, define the severity level of log messages. | ||
| 4. In the syslog settings, type the ip address and the port of our log concentrator | ||
| 5. Click Accept to save your configuration settings | ||
|
|
||
| ### Create the intake | ||
|
|
||
| Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format SonicWall SMA. | ||
|
|
||
| ### Forward logs to Sekoia.io | ||
|
|
||
| Please consult the [Syslog Forwarding](../../../ingestion_methods/sekoiaio_forwarder/) documentation to forward these logs to Sekoia.io. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters