Syslog - SonicWall SonicOS/X

Device Details

Device Name: SonicWall SonicOS/X
Vendor: SonicWall
Device Type: SonicOS/X
Supported Model Name/Number: N/A
Supported Software Version: N/A
Collection Method: Syslog
Configurable Log Output: N/A
Log Source Type: Syslog - SonicWall SonicOS/X
Log Processing Policy: LogRhythm Default V 2.0
Exceptions: N/A
Additional Information: https://www.sonicwall.com/techdocs/pdf/SonicOS-X_7.0.1_LogEvents_ReferenceGuide.pdf

Supported Log Messages

(List of LR tags used to parse the log information for each message type)

| Type | Product Version | Supported Schema Fields |
|---|---|---|
| Attack Events | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <subject>, <quantity>, <action>, <tag1> |
| Catch-All Events | N/A | <serialnumber>, <severity>, <vmid>, <tag1> |
| Dropped TCP Events | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <quantity>, <action>, <tag1> |
| General Firewall Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <policy>, <object>, <objectname>, <vendorinfo>, <subject>, <quantity>, <action>, <tag1> |
| HTTP Connection Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <login>, <protname>, <bytesout>, <bytesin>, <packetsout>, <packetsin>, <duration>, <policy>, <object>, <objectname>, <vendorinfo>, <quantity>, <action>, <tag1> |
| Network Debug Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <policy>, <object>, <objectname>, <vendorinfo>, <quantity>, <action>, <tag1> |
| Network Traffic Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <snatip>, <dmac>, <dip>, <dport>, <dinterface>, <dnatip>, <login>, <protname>, <bytesout>, <bytesin>, <session>, <policy>, <object>, <objectname>, <vendorinfo>, <quantity>, <action>, <tag1> |
| No Legacy Event | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <sinterface>, <packetsin>, <bytesin>, <packetsout>, <bytesout>, <quantity>, <action>, <tag1> |
| User Activity Events | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <sip>, <sport>, <sinterface>, <dip>, <dport>, <dinterface>, <protname>, <duration>, <subject>, <quantity>, <action>, <tag1> |

Revision History

| KB Version | Log Type | Change Type | Details |
|---|---|---|---|
| KB 7.1.665.0 | Syslog - SonicWall SonicOS/X | New Device Documentation | N/A |