Not able to see Syslog information in Firewall Analyzer within Opmanager V12

Not able to see Syslog information in Firewall Analyzer within Opmanager V12

Solution : 

OpManager  V12 has 2 different Syslog servers , one for capturing specific syslog messages based on the syslog rule configured for generating alarms in OpManager and another one for Firewall module for monitoring complete syslog traffic. Only one can be used at a time.

OpManager will listen to  Syslog port 514  by default , if the Firewall device  is sending  syslogs to the server with port  514 , it will be occupied by OpManager, hence we can not see anything the Firewall module , you can change the port meant for OpManager from 514 to any dummy port  so that 514 will be used for  Firewall module.

To change the syslog port in OpManager , go to Settings > Monitoring > Monitors > More > Syslogs >Syslog port > change the port> Save.

To configure Syslog port for Firewall Analyzer inside OpManager , go to Settings > Firewall > Syslog server > Add >Profile name > configure port 514  > Save.

Restart the Opmanager service and verify if you are able to get syslog information . 

                    New to ADSelfService Plus?

                      • Related Articles

                      • Firewall Logs time stamp issue for Sonicwall Devices in ManageEngine Firewall Analyzer V12

                        Issue: Not able to see any Syslog traffic in Firewall Log analyzer. Solution : When checked  the raw Logs received from  the Firewall , the time stamp  are based on UTC time where as the server time  and the Firewall device time was with EST time. ...
                      • End user Monitoring in OpManager

                        This feature is to correlate and exhibit the data across our internal modules  OpManager, NetFlow Analyzer &Firewall Analyzer  from an end user perspective.  Consider as Company(ABC)  has 'x' number of employees. Each one will have a device with ...
                      • How to get the URL in URL reports of Firewall Analyzer (Cisco ASA) ?

                        1. Log in to Cisco ASDM -> Device Management -> Configuration -> Logging Setup -> Enable the ID 304001 (HTTP Inspection) and make sure it is set to 'Informational'. 2. Go to Configuration -> Service Policy Rules.  3. Go to Edit -> Rule Actions -> ...
                      • Interface Name/Description/Alias not updated due to SNMP in Netflow Analyzer v12

                        Scenario:  If the device is using SNMP v2 by default , Device Interface ifname,ifdescription,ifalias and interface bandwidth speed will  not get updated because Netflow analyzer to set to use SNMP v1 by default. Solution :  To make SNMP v2 as ...
                      • How to work with unknown devices in OpManager?

                        There are 2 reasons for devices to go in to  "Unknown" Category in OpManager: 1)Device credentials (SNMP/WMI/CLI) are not added or discovered with wrong credentials in OpManager. 2)Credentials are correct but OpManager does not have built-in Device ...