Stormshield Firewall

s0p4L1N · September 5, 2023, 10:43am

Stormshield Firewall Content Pack

Tested with Stormshield 4.0.3 and Graylog 5.1.4. Should work with all Stormshield 4.X version.

The Content Pack should be compatible with all Graylog 5.X version.

Note this was built without extractors, only pipeline rules.

Graylog 5.0
Stormshield Firewall w/ Syslog 1514/UDP Ports
Open port 1514 for UDP on the graylog host and/or docker compose file
Edit content-pack.json and find the strings:
- firewall.lab.lan and rename it according to your firewall hostname.
- Europe/Paris and rename it according to your server Timezone

Topic		Replies	Views
Dell SonicWall Firewall Content Pack content-pack	10	4322	March 20, 2025
Old content pack import failed in graylog 4.3 Graylog Central (peer support)	21	988	January 19, 2023
Fortigate extractors the NEW Marketplace	2	1942	March 28, 2024
Is there any extractors for sonicwall firewall Graylog Central (peer support)	6	493	December 7, 2023
Sonicwall Syslog Graylog Central (peer support) content-pack	2	1610	May 2, 2022