Solved

Sonicwall TZ 100: no logging?

Posted on 2014-01-20
7
654 Views
Last Modified: 2016-11-23
Hi,

I just upgraded my Sonicwall TZ 100 to latest update. Now it appears to be Dell instead of sonicwall. Fine for me. However, when I try to see logging (regarding case http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_28339357.html in which I added a rule from lan to x2 allow any) I don't see any logging appearing. Last logging was from 10 minutes ago, that's it.

Any changes I should make to see logfiles? I want to see where my traffic gets blocked.

Please advise.
J.
0
Comment
Question by:janhoedt
  • 3
  • 2
  • 2
7 Comments
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39795554
Hi janhoedt,

Unless you have ViewPoint or Analyzer installed & setup you will not be able to see historical logs once you update your firmware. But I'd assume you'd be able to easily duplicate whatever you were seeing.

Let me know if you have any other questions!
0
 

Author Comment

by:janhoedt
ID: 39795581
So no default historical logging UNLESS you pay a subscription?!
0
 
LVL 25

Assisted Solution

by:Diverse IT
Diverse IT earned 250 total points
ID: 39795587
Well there is historical logging but no security appliance that I know of have a built-in dB to handle such a request - the log file is just too big. SonicWALL by default has historical log data natively until either the log gets full (at which point it's then flushed) or you reboot the unit.

If you are looking to capture historical logs without a license you can setup SMTP automation and have the logs send via email to yourself when they are full.

Conversely, the licensing gives you a full application that sits on a server or PC and then transmits to a SQL dB.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 8

Accepted Solution

by:
amatson78 earned 250 total points
ID: 39795688
Diverseit is correct, when yo flash a firmware all historical data is gone, only that which is offloaded can be viewed. You do not need Viewpoint any Syslog server can be setup to receive data.

That said if you can reproduce it make sure that whatever firewall access rule you setup has logging enabled? If you go into the rule there is a checkbox to "Enable Logging". If this is unchecked then you will not see it.

If this does not work can you give us some more detail, Screenshots, etc to help you out.



Cheers,
Alan
0
 

Author Comment

by:janhoedt
ID: 39796862
The only thing I was worried about is that I couldn't trace back something that happened 5 minutese ago (a land attack). Apparently logging is now working correctly. Probably related to fresh upgrade of Sonicwall. Now ok.
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39797030
Glad I could help and thanks for the points!
0
 
LVL 8

Expert Comment

by:amatson78
ID: 39797086
Thank you as well, glad to hear you have it working :)
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SOFS cluser offline 3 43
Need help with VLAN issue 6 38
Computer hanging for several seconds 14 34
Palo Alto Networks: Truly No Hit Count? 2 22
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now