Jump to content


Photo

External syslog

syslog logging splunk

  • Please log in to reply
1 reply to this topic

#1 Eric H.

Eric H.
  • Members
  • 3 posts

Posted 19 June 2013 - 01:17 PM

So, started a new job and I find I've inherited a Barracuda Firewall X300. As part of the overdue housecleaning going on here, I wanted to set up external syslogging, in particular because I want to get Splunk crunching the traffic logs here so we can see if we can get some detailed idea of how we're using our existing bandwidth...

Anyway, there appears to be no facility to log to an external syslog at all on this device. I asked Barracuda support about this a while ago, and the tech said that an update coming out in early-to-mid June would add this feature. However, I don't see any mention of syslog in the release notes for the recently-released 6.0.3 or 6.0.4 updates (we're on 6.0.1). Planning on upgrading soon anyway but wanted to know what the status of this feature is.

...Or is there another way to get this data off the firewall and into Splunk? It doesn't necessarily have to be real-time (though that would be preferred) but it would have to be something automatic, not a manual process. We do have fairly sophisticated scripting/automation tools at hand if the only way to do this is by, say, scripting HTTP requests or something.

#2 Maglaya Pajar

Maglaya Pajar
  • Barracuda Team Members
  • 24 posts
  • LocationSan Jose, CA 95138 | Teams: Firewall, NG Firewall, Web Filter, Web Security, Link Balancer, Load Balancer, Application Firewall

Posted 27 September 2013 - 01:39 PM

Hello!

Syslog streaming is now available through firmware 6.1.0.016.

http://techlib.barra...16-LogStreaming

/Maglaya Pajar