Skip to content

Configure a Sophos UTM firewall to forward syslogs

  1. Navigate to Logging & Reporting > Log Settings > Remote Syslog Server
  2. On the Remote Syslog Server tab enable remote syslog.
  3. Click the toggle switch.
  4. Click the Plus icon in the Syslog Servers box to create a server.
  5. Name ActZero_Logging
  6. Click the + button next to the Server field
  7. In the edit network definition dialog box enter the following.
  8. Name ActZero_VM
  9. Type host
  10. IPv4 Address The local IP of the ActZero VM
  11. Click the Save button
  12. Click the Plus icon next to the port field
  13. In the Edit service definition dialog box enter the following.
  14. Name ActZero_syslog
  15. Type of definition UDP
  16. Destination Port 514
  17. Source Port 1:65535
  18. Comment remote udp syslog
  19. Format Device Standard Format
  20. Click the Save button
  21. Ensure the Remote Syslog Log Selection has Select All checkbox turned on.

Reference Sophos UTM documentation for further detail.


Was this documentation helpful? Please send us your feedback!