Dell SonicWall Firewall

Dell SonicWall Firewall

@eduardohki

Download from Github
View on Github
Open Issues
Stargazers

Tested with Graylog 2.1

This content pack provides extractors for SonicWall Firewalls and a few example dashboards:

  • VPN Connections (24h)
  • More coming soon ( help is welcome! )

Includes

  • Input SonicWall (Raw/Plaintext UDP)
  • Extractors (Garbage Cleanup and KVP, dst_ip, dst_port, dst_if, dst_hostname, src_ip, src_port, src_if, src_hostname, proto_type, proto_service, timestamp)
  • Dashboards

Tip

The Dashboards use the “gl2_source_input” field in queries. Be sure to verify if it matches your SonicWall Input ID

Requirements

  • Dell SonicWall Firewall configured to send SYSLOG to 12202/UDP, no custom settings