Solved

Sonicwall TZ 100: no logging?

Posted on 2014-01-20
7
646 Views
Last Modified: 2016-11-23
Hi,

I just upgraded my Sonicwall TZ 100 to latest update. Now it appears to be Dell instead of sonicwall. Fine for me. However, when I try to see logging (regarding case http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_28339357.html in which I added a rule from lan to x2 allow any) I don't see any logging appearing. Last logging was from 10 minutes ago, that's it.

Any changes I should make to see logfiles? I want to see where my traffic gets blocked.

Please advise.
J.
0
Comment
Question by:janhoedt
  • 3
  • 2
  • 2
7 Comments
 
LVL 24

Expert Comment

by:diverseit
ID: 39795554
Hi janhoedt,

Unless you have ViewPoint or Analyzer installed & setup you will not be able to see historical logs once you update your firmware. But I'd assume you'd be able to easily duplicate whatever you were seeing.

Let me know if you have any other questions!
0
 

Author Comment

by:janhoedt
ID: 39795581
So no default historical logging UNLESS you pay a subscription?!
0
 
LVL 24

Assisted Solution

by:diverseit
diverseit earned 250 total points
ID: 39795587
Well there is historical logging but no security appliance that I know of have a built-in dB to handle such a request - the log file is just too big. SonicWALL by default has historical log data natively until either the log gets full (at which point it's then flushed) or you reboot the unit.

If you are looking to capture historical logs without a license you can setup SMTP automation and have the logs send via email to yourself when they are full.

Conversely, the licensing gives you a full application that sits on a server or PC and then transmits to a SQL dB.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 8

Accepted Solution

by:
amatson78 earned 250 total points
ID: 39795688
Diverseit is correct, when yo flash a firmware all historical data is gone, only that which is offloaded can be viewed. You do not need Viewpoint any Syslog server can be setup to receive data.

That said if you can reproduce it make sure that whatever firewall access rule you setup has logging enabled? If you go into the rule there is a checkbox to "Enable Logging". If this is unchecked then you will not see it.

If this does not work can you give us some more detail, Screenshots, etc to help you out.



Cheers,
Alan
0
 

Author Comment

by:janhoedt
ID: 39796862
The only thing I was worried about is that I couldn't trace back something that happened 5 minutese ago (a land attack). Apparently logging is now working correctly. Probably related to fresh upgrade of Sonicwall. Now ok.
0
 
LVL 24

Expert Comment

by:diverseit
ID: 39797030
Glad I could help and thanks for the points!
0
 
LVL 8

Expert Comment

by:amatson78
ID: 39797086
Thank you as well, glad to hear you have it working :)
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now