I had troubles with the default decoder and rule-set. I was able to work
through the issue. I will forward on my decoder and rule-set in hope of
saving time for others.
Log Example:
2018 Nov 02 11:17:22 192.77.77.1 id=firewall sn=0123456789 time="2018-11-02
10:17:22" fw=24.117.241.38 pri=6
Hi Peter,
I agree with Jeff. If you can send some logs to us, we can definitely write some
rules/decoders for it.
We only have a few samples:
http://www.ossec.net/wiki/index.php/Log_Samples_Sonicwall
But with a few more we can easily add support for it.
*btw, if you prefer, you can send to me
On Aug 17, 8:18 pm, Peter M. Abraham [EMAIL PROTECTED]
wrote:
Does anyone have any rules they have, and are willing to share in
terms of monitoring SonicWall Pro series firewalls?
If you could paste some log lines, it probably wouldn't take much to
write decoders for it. Once decoders are