Syslog - SonicWall SonicOS/X
Device Details
| Device Name | SonicWall SonicOS/X |
| Vendor | SonicWall |
| Device Type | SonicOS/X |
| Supported Model Name/Number | N/A |
| Supported Software Version | N/A |
| Collection Method | Syslog |
| Configurable Log Output | N/A |
| Log Source Type | Syslog - SonicWall SonicOS/X |
| Log Processing Policy | LogRhythm Default V 2.0 |
| Exceptions | N/A |
| Additional Information | https://www.sonicwall.com/techdocs/pdf/SonicOS-X_7.0.1_LogEvents_ReferenceGuide.pdf |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
Type | Product Version | Supported Schema Fields |
|---|---|---|
| Attack Events | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <subject>, <quantity>, <action>, <tag1> |
| Catch-All Events | N/A | <serialnumber>, <severity>, <vmid>, <tag1> |
| Dropped TCP Events | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <quantity>, <action>, <tag1> |
| General Firewall Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <policy>, <object>, <objectname>, <vendorinfo>, <subject>, <quantity>, <action>, <tag1> |
| HTTP Connection Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <login>, <protname>, <bytesout>, <bytesin>, <packetsout>, <packetsin>, <duration>, <policy>, <object>, <objectname>, <vendorinfo>, <quantity>, <action>, <tag1> |
| Network Debug Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <dmac>, <dip>, <dport>, <dinterface>, <protname>, <bytesin>, <policy>, <object>, <objectname>, <vendorinfo>, <quantity>, <action>, <tag1> |
| Network Traffic Events | N/A | <serialnumber>, <severity>, <vmid>, <smac>, <sip>, <sport>, <sinterface>, <snatip>, <dmac>, <dip>, <dport>, <dinterface>, <dnatip>, <login>, <protname>, <bytesout>, <bytesin>, <session>, <policy>, <object>, <objectname>, <vendorinfo>, <quantity>, <action>, <tag1> |
| No Legacy Event | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <sinterface>, <packetsin>, <bytesin>, <packetsout>, <bytesout>, <quantity>, <action>. <tag1> |
| User Activity Events | N/A | <serialnumber>, <severity>, <vmid>, <vendorinfo>, <sip>, <sport>, <sinterface>, <dip>, <dport>, <dinterface>, <protname>, <duration>, <subject>, <quantity>, <action>, <tag1> |
Revision History
| KB Version | Log Type | Change Type | Details |
| KB 7.1.665.0 | Syslog - SonicWall SonicOS/X | New Device Documentation | N/A |