Dell SonicWall Firewall

Dell SonicWall Firewall


Download from Github
View on Github
Open Issues

Tested with Graylog 2.1

This content pack provides extractors for SonicWall Firewalls and a few example dashboards:

  • VPN Connections (24h)
  • More coming soon ( help is welcome! )


  • Input SonicWall (Raw/Plaintext UDP)
  • Extractors (Garbage Cleanup and KVP, dst_ip, dst_port, dst_if, dst_hostname, src_ip, src_port, src_if, src_hostname, proto_type, proto_service, timestamp)
  • Dashboards


The Dashboards use the “gl2_source_input” field in queries. Be sure to verify if it matches your SonicWall Input ID


  • Dell SonicWall Firewall configured to send SYSLOG to 12202/UDP, no custom settings