Syslog - Ubiquiti UniFi Security Gateway
Device Details
Vendor | Ubiquiti |
|---|---|
Device Type | Enterprise Gateway |
Supported Model Name/Number | Ubiquiti UniFi Security Gateway |
Supported Software Version(s) | All |
Collection Method | Syslog |
Configurable Log Output? | Yes |
Log Source Type | Syslog - Ubiquiti UniFi Security Gateway |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information |
Prerequisites
- UniFi Controller Software
Device Configuration Checklist
- The device is connected and powered on.
- The Ubiquiti UniFi Controller software is installed.
- The device is adopted from the UniFi Controller dashboard.
Currently Supported Log Types
Type | Product Version | Supported Schema Fields |
|---|---|---|
Syslog Messages | All | <severity>, <parentprocessname>, <sname>, <object>, <vendorinfo> |
Workload Messages | All | <severity>, <parentprocessname>, <sname>, <vendorinfo>, <duration> |
Host Messages | All | <severity>, <parentprocessname>, <sname>, <object>, <reason>, <url> |
Network Traffic Log | All | <severity>, <parentprocessname>, <sname>, <object>, <dinterface>, <sinterface>, <smac>, <sip>, <dip>, <size>, <duration>, <protname>, <sport>, <dport> |
Parsed Metadata Fields
Product Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
DPT | <dport> | Numeric |
DST | <dip> | IP Address |
IN | <dinterface> | Text |
LEN | <size> | Numeric |
MAC | <smac> | Mac Address |
OUT | <sinterface> | Text |
PROTO | <protname> | Text |
SPT | <sport> | Numeric |
SRC | <sip> | IP Address |
TTL | <duration> | Numeric |