In an Enterprise network, SD-WAN Orchestrator supports collection of SD-WAN Orchestrator bound events and firewall logs originating from enterprise SD-WAN Edge to one or more centralized remote Syslog collectors (Servers), in the native Syslog format. For the Syslog collector to receive SD-WAN Orchestrator bound events and firewall logs from the configured edges in an Enterprise, at the profile level, configure Syslog collector details per segment in the SD-WAN Orchestrator by performing the steps on this procedure.
Prerequisites
- Ensure that Cloud Virtual Private Network (branch-to-branch VPN settings) is configured for the SD-WAN Edge (from where the SD-WAN Orchestrator bound events are originating) to establish a path between the SD-WAN Edge and the Syslog collectors. For more information, see Configure Cloud VPN for Profiles.
Procedure
What to do next
SD-WAN Orchestrator allows you to enable Syslog Forwarding feature at the profile and the Edge level. On the
Firewall page of the Profile configuration, enable the
Syslog Forwarding button if you want to forward firewall logs originating from enterprise
SD-WAN Edge to configured Syslog collectors.
Note: By default, the
Syslog Forwarding button is available on the
Firewall page of the Profile or Edge configuration, and is deactivated.
For more information about Firewall settings at the profile level, see Configure Firewall for Profiles.