Founded in 1996, WatchGuard Technologies, Inc. provides a variety of Internet security software and hardware products, including firewalls, e-mail and Web security appliances, and anti-virus applications. Its products guard against a variety of digital security threats, including hackers, viruses, and worms. WatchGuard also offers subscription-based managed services to protect computer networks from intruders and provide threat responses, software updates, spam blocking, and information alerts.
Log File Types: WatchGuard Syslog, WatchGuard Syslog (HTTP), WatchGuard Syslog (HTTPS - Bytes), WatchGuard Syslog (HTTPS)
WatchGuard supports byte information for HTTP as well as HTTPS traffic. To assist you in selecting the appropriate syslog log file configuration, determine what you need from the following:
Cyfin can be set to receive syslog data from your different WatchGuard devices. Each different device would have its own log file configuration.
Cyfin Syslog Server listens for syslog messages from your WatchGuard device. Both UDP-based and TCP-based messages are supported.
NOTE: For WatchGuard Syslog (HTTPS - Bytes), and WatchGuard Syslog (HTTPS), this is all that is needed.
Log File Type: WatchGuard PostgreSQL
We recommend that you install Cyfin on the same box with the WatchGuard Log Server (PostgreSQL) for easier configuration and speed. Your PostgreSQL database should also be an external database in order for Cyfin to read the log files. Note that Cyfin cannot read data from a database configured in WatchGuard Dimension.
Before trying to connect Cyfin to your WatchGuard Log Server, make sure you have selected to Send logs to WSM Server on the WatchGuard Logging page.
You will need the following information to connect Cyfin to the WatchGuard Log Server PostgreSQL logs:
If you install Cyfin on a different box from the WatchGuard Log Server, then you will need to configure the WatchGuard Log Server to allow the IP address of the box that Cyfin is installed on to connect to the PostgreSQL database. Follow the instructions below to do this.