• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 678
  • Last Modified:

Sonicwall TZ 100: no logging?

Hi,

I just upgraded my Sonicwall TZ 100 to latest update. Now it appears to be Dell instead of sonicwall. Fine for me. However, when I try to see logging (regarding case http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_28339357.html in which I added a rule from lan to x2 allow any) I don't see any logging appearing. Last logging was from 10 minutes ago, that's it.

Any changes I should make to see logfiles? I want to see where my traffic gets blocked.

Please advise.
J.
0
janhoedt
Asked:
janhoedt
  • 3
  • 2
  • 2
2 Solutions
 
Blue Street TechLast KnightsCommented:
Hi janhoedt,

Unless you have ViewPoint or Analyzer installed & setup you will not be able to see historical logs once you update your firmware. But I'd assume you'd be able to easily duplicate whatever you were seeing.

Let me know if you have any other questions!
0
 
janhoedtAuthor Commented:
So no default historical logging UNLESS you pay a subscription?!
0
 
Blue Street TechLast KnightsCommented:
Well there is historical logging but no security appliance that I know of have a built-in dB to handle such a request - the log file is just too big. SonicWALL by default has historical log data natively until either the log gets full (at which point it's then flushed) or you reboot the unit.

If you are looking to capture historical logs without a license you can setup SMTP automation and have the logs send via email to yourself when they are full.

Conversely, the licensing gives you a full application that sits on a server or PC and then transmits to a SQL dB.
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
amatson78Commented:
Diverseit is correct, when yo flash a firmware all historical data is gone, only that which is offloaded can be viewed. You do not need Viewpoint any Syslog server can be setup to receive data.

That said if you can reproduce it make sure that whatever firewall access rule you setup has logging enabled? If you go into the rule there is a checkbox to "Enable Logging". If this is unchecked then you will not see it.

If this does not work can you give us some more detail, Screenshots, etc to help you out.



Cheers,
Alan
0
 
janhoedtAuthor Commented:
The only thing I was worried about is that I couldn't trace back something that happened 5 minutese ago (a land attack). Apparently logging is now working correctly. Probably related to fresh upgrade of Sonicwall. Now ok.
0
 
Blue Street TechLast KnightsCommented:
Glad I could help and thanks for the points!
0
 
amatson78Commented:
Thank you as well, glad to hear you have it working :)
0

Featured Post

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now