This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Clavister NetWall

    Samurai [Local] CollectorSamurai [Cloud] Collector
    Picture1.svg

    This guide describes the steps required to configure a Clavister NetWall firewall to send syslog events to a Samurai Local Collector deployed in your network.

    Connectivity Requirements

    SourceDestinationPortsDescription
    Clavister NetWallSamurai Local CollectorTCP/514 or UDP/514For log transmission

    Configure Clavister Netwall

    Follow the vendor documentation to add a new syslog receiver:

    Perform the steps under section Example 2.29. Enabling Syslog RFC-5424 Compliance with Hostname.

    Adjust Syslog service to TCP

    Optionaly, in the cOS Core web interface:

    • Navigate to: Objects -> Serivces
    • Click on Syslog
    • Modify Type and set the protocol to TCP

    For integrations that utilize a Local Collector where we ingest syslog only, you do not need to follow specific steps in the Samurai MDR portal as we auto detect the vendor and product. The only reason you need to use the Samurai MDR portal is if you need to determine the Local Collector IP address. Of course you will still need to ensure the integration is functioning! See Integrations for more information on checking status.

    Our Integration guide was accurate at the time of writing but vendors change things frequently! If you find errors or anything is outdated, let us know by raising a request in the Samurai MDR application and we shall get it updated.