To integrate SonicWALL, do the following procedures, below:
- To configure SonicWALL to forward syslog events
- To set up Barracuda XDR Dashboard
To configure SonicWALL to forward syslog events
SonicWALL captures all SonicOS event activity.
Syslog events are forwarded to QRadar. SonicWALL events that are forwarded to QRadar are automatically discovered and log sources are created automatically. For more information on configuring your SonicWALL appliance or for information on specific events, see your vendor documentation.
Log in to your SonicWALL web interface.
From the navigation menu, select Log > Syslog.
From the Syslog Servers pane, click Add.
In Name or IP Address, type the IP address of your QRadar Console or Event Collector.
In Port , type
514
.
SonicWALL syslog forwarders send events to QRadar by using UDP port 514.Click OK.
From the Syslog Format list, select Default.
Click Apply.
To set up Barracuda XDR Dashboard
- In Barracuda XDR Dashboard, click Administration > Integrations
- On the SonicWALL Firewall card, click Setup.
- Select Enabled.
- Click Save.