Wavecrest Computing — Cyfin Log Data Analysis Solution

SonicWall Firewall

Cyfin is designed to work with SonicWall.  It integrates easily into your current system configuration.

Cyfin is installed on a server, not on the SonicWall appliance


Logfile Setup

Logfile Type:  SonicWALL Security Appliance   


Configuration Notes

  1. Install a syslog daemon. Download Kiwi's syslog daemon.
  2. Make sure the machine running the syslog daemon is running behind the firewall on the LAN.
  3. On the Sonicwall firewall Web interface, go to Log screen.  Then in the Syslog field, type the IP address of the syslog daemon.  Be sure to apply the updates to the firewall.
  4. Edit the rules on the firewall to allow inbound-to-outbound traffic on port 80 (http).  Do this at least once a week for http downloads of the list.
  5. You should now start seeing traffic from the firewall on the syslog daemon.  On the syslog services go to the DNS setup and enable the Resolve Host option; this is very critical to get Cyfin working.
  6. On the syslog daemon, create a directory (i.e., c:\sonicwall\logs).  Now, using the logging to file option in the Kiwi setup configuration, set up the syslog program to log the data into the log file.
  7. Install Cyfin and the syslog daemon on the same server and make sure that the reporting feature is targeting the logfile used by the syslog.
Call toll-free: 1-877-442-9346
International: 001-321-953-5351
legal disclaimer   |   privacy statement   |   © Copyright 1996-2014 Wavecrest Computing. Tel:321-953-5351, E-mail:info@wavecest.net All rights reserved.

©Copyright 1996-2014 Wavecrest Computing. All rights reserved. 321-953-5351, info@wavecrest.net, www.wavecrest.net