Up
Previous Next Sheriff CSMâ„¢
Previous Next Sheriff CSMâ„¢
Untangle NG Firewall
When you configure Untangle NG Firewall to send log data to Sheriff CSM, you can use the Untangle NG Firewall plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin: Plugin Information| Device | Details |
|---|---|
| Vendor | Untangle |
| Device Type | Firewall |
| Connection Type | Syslog |
| Data Source Name | Untangle-NGFW |
| Data Source ID | 1843 |
Integrating Untangle NG Firewall
Before you configure the Untangle NG Firewall integration, you must have the IP Address of the Sheriff CSM Sensor (Deputy). To configure Untangle NG Firewall to send Syslog messages to Sheriff CSM- From the Untangle Administration interface, select Reports Settings > Syslog.
-
Configure the following options:
- Host: Enter the Sheriff CSMIP Address.
- Port: 514
- Protocol: This is the protocol used to send syslog messages. UDP is the default protocol.
Plugin Enablement
For plugin enablement information, see Enable Plugins.Additional Resources and Troubleshooting
https://wiki.untangle.com/index.php/Reports#Syslog For troubleshooting, refer to the vendor documentation: https://support.untangle.com/hc/en-us/articles/200683678-Troubleshoot-throughput-through-NG-FirewallThis topic: Sheriff > UserGuides > SheriffCSMDocumentation > DeploymentGuide > PluginManagement > ConfigureLogForwardingOnCommonlyUsedDataSources > UntangleNGFirewall
Topic revision: 26 Jun 2022, SheriffCyberSecurity
Topic revision: 26 Jun 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.