10-17-2023 06:44 AM
Hi,
my customer would like use a Panorama device as standalone syslog server (using standard syslog tcp/udp port 514), so that it can collect logs for firewalls it does not manage.
Is it possible?
So we can configure on the Panorama that manage the firewalls, a syslog server profile pointing the ip address of the standalone syslog server Panorama (that doesn't manage the FWs). Which port we need to use and which syslog format (BSD or IETF)?
Thanks
Max
10-17-2023 02:04 PM
Hello @Beaverdad73
Firewall needs to be registered in Panorama to be able to send logs to Panorama. You do not have to use Device Group / Template Stack configurations to manage Firewall from Panorama, but Firewall's serial number needs to be at least registered and assigned to log collector group to get logs.
If you mean scenario to configure a Firewall with syslog profile pointing to Panorama's IP address and use Panorama as a syslog server, I do not think this is going to be working. Panorama does not ingest 3rd party logs.
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
