Support on SonicWall Products, Services and Solutions
Browse Knowledgebase by Category
Firewall not sending syslog
03/26/2020 117 14915
After adding a syslog server or GMS/Analyzer to the SonicWall no syslog packets are seen in the packet capture.
In order for the SonicWall to start generating syslog packets a certain log event ("Activate Firewall") needs to be sent as "Alert" during the boot process of the SonicWall.
Once this log event is generated the syslog process will be triggered and the SonicWall will start sending syslogs.
- Login to the SonicWall
- Open Log | Settings
- In the Log Category View, open System | Status
- Tick the Syslog, GUI and Alert boxes for the "Activate Firewall" event (ID 4) and click apply in the top right
- Reboot the firewall
After the firewall has rebooted, perform a packet capture to confirm that the SonicWall is indeed sending syslog packets.