What device should Syslog be directed to? #3447
-
|
On 16.04 I sent Syslog from network devices to the sensor. Ran so-allow there and verified via UFW that 514 was open. On 2.3.30, my Forward device doesn't have UFW installed anymore. The Management node does. Which node should be the target, and how do I verify that so-allow worked? Thanks! |
Beta Was this translation helpful? Give feedback.
Answered by
juddcbrown
Mar 15, 2021
Replies: 1 comment
-
|
Sorry, here it is. https://docs.securityonion.net/en/latest/firewall.html?highlight=firewall#allow-hosts-to-send-syslog-to-a-sensor-node |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
TOoSmOotH
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sorry, here it is. https://docs.securityonion.net/en/latest/firewall.html?highlight=firewall#allow-hosts-to-send-syslog-to-a-sensor-node