Table of Contents
Installation on the firewall machine
Distributed installation
If you use a distributed installation (consolidate logs on dedicated syslog machine) configure your firewall(s) to send syslog messages to the management machine where fwlogd/fwlogmgmd is installed.
On a *NIX based firewall with syslgd this could be done like:
- add kern.* @your.syslog.machine to /etc/syslogd.conf
- restart syslogd
On a *NIX based firewall with syslg-ng this could be done like:
TODO
Other firewall: please refer to your firewall documentaion how to handle syslog.
fwlogd/fwlogmgmd installed on firewall
If you want to run fwlogd/fwlogmgmd on the firewall itself (where possible), proceed with instructions for management machine.