When adding a Syslog to XG I'm missing documentation about the facilities.
What do they mean and what is the use case for the different facilities? Can you write some words about that in the documentation please?
Current Help docu extract Nov. 3rd:
We'll indeed put more information in the help!Watch this space.
Syslog is not something specific to Sophos Firewall, it's the usual logging component of Linux systems. There's a lot of documentation available on the internet about it, especially about what is logged in the daemon, kernel, and user facility. (German doc, for example: https://www.ostc.de/howtos/syslog-HOWTO.html)
Btw. there's also a syslog file guide available for SF: https://docs.sophos.com/nsg/sophos-firewall/18.5/PDF/SF%20syslog%20guide%2018.5.pdf
Do you have any specific question regarding the log facilities still not covered?
Hi Ana and R
thanks for your prompt replies.
I'm more familiar with windows systems and hoped to get answers to my questions in the product help. As I read here: https://support.solarwinds.com/SuccessCenter/s/article/Syslog-facilities?language=en_US
there is something special about the Local1-7 facilities.
you could describe how to get boot messages to syslog and how to get other security logs to syslog.
Currently I read it like: we have a feature, here it is - find out for your self how to use it.