 |
You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>DeploymentGuide>PluginManagement>ConfigureLogForwardingOnCommonlyUsedDataSources>GTAFirewall (29 Jun 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next Sheriff CSMâ„¢
Previous Next Sheriff CSMâ„¢
GTA Firewall
When you configure GTA Firewall to send log data to Sheriff CSM, you can use the GTA Firewall plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin: Plugin Information| Device | Details |
|---|---|
| Vendor | GTA |
| Device Type | Firewall |
| Connection Type | Syslog |
| Data Source Name | Gta-firewall |
| Data Source ID | 1882 |
Integrating GTA Firewall
Before you configure the GTA Firewall integration, you must have the IP Address of the Sheriff CSM Sensor (Deputy). To configure GTA Firewall to send Syslog messages to Sheriff CSM- From the GTA Firewall user interface, select Configure > Services > Remote Logging.
-
Select the Enable check box.
- Select AUTOMATIC in the source IP address object from the Binding Interface drop-down list box.
-
Enter the Sheriff CSM IP address and port 514 in the Syslog Server field, for example:
172.19.19.1:514
Plugin Enablement
For plugin enablement information, see Enable Plugins.Additional Resources and Troubleshooting
https://www.gta.com/assets/pdf/guides/current/GB-OS_6.2_Users_Guide.pdf For troubleshooting, see the vendor documentation.Edit | Attach | Print version | History: r9 < r8 < r7 < r6 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r9 - 29 Jun 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.