Skip to content

BeGrimm/graylog-content-pack-sonicwall

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SonicWall Security Dashboard
SonicWall Security Dashboard
 
 
content_pack.json
content_pack.json
 
 

Repository files navigation

SonicWall Content Pack for Graylog

Tested with Graylog 2.1

This content pack provides extractors for SonicWall Firewalls and a few example dashboards:

  • VPN Connections (24h)
  • More coming soon (help is welcome!)

Includes

  • Input SonicWall (Raw/Plaintext UDP)

  • Extractors (Garbage Cleanup and KVP, dst_ip, dst_port, dst_if, dst_hostname, src_ip, src_port, src_if, src_hostname, proto_type, proto_service, timestamp)

  • Dashboards

    Tip

    The Dashboards use the "gl2_source_input" field in queries. Be sure to verify if it matches your SonicWall Input ID

Requirements

  • Dell SonicWall Firewall configured to send SYSLOG to 12202/UDP, no custom settings

SonicWall Reference Guide

About

SonicWall Content Pack for Graylog

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published