In an Enterprise network, SD-WAN Orchestrator supports collection of SD-WAN Orchestrator bound events and firewall logs originating from enterprise SD-WAN Edge to one or more centralized remote syslog collectors (Servers), in native syslog format. At the Edge level, you can override the syslog settings specified in the Profile by selecting the Enable Edge Override checkbox.
Prerequisites
- Ensure that Cloud VPN (branch-to-branch VPN settings) is configured for the SD-WAN Edge (from where the SD-WAN Orchestrator bound events are originating) to establish a path between the SD-WAN Edge and the Syslog collectors. For more information, see Configure Cloud VPN for Profiles.
Procedure
What to do next
On the
Firewall page of the Edge configuration, enable the
Syslog Forwarding button if you want to forward firewall logs originating from enterprise
SD-WAN Edge to configured Syslog collectors.
Note: By default, the
Syslog Forwarding button is available on the
Firewall page of the Profile or Edge configuration, and is deactivated.
For more information about Firewall settings at the Edge level, see Configure Firewall for Edges.