Feb 20 2019 04:36 AM
Hi,
Got my first Data Source and Log Collector up and running yesterday, and have collected 221 logs, but no data is being displayed on my dashboard. Is there a way to view this data and re-import, or is this something I have to capture the syslog data and upload?
I selected a SonicWall for generic syslog data, but am actually using a WatchGuard, so I imagine things are not lining up properly.
Thanks
Feb 26 2019 10:14 AM
@Dima Donhin is this something you can speak to?
Feb 27 2019 05:31 AM
Feb 27 2019 06:19 AM
I haven't done it yet but was suggested in using the custom upload and making a snapshot report I believe to try and filter the data. I need to do a few things first, since there is no native syslog export from Watchguard, I want to make sure the data I'm uploading is going to be in same format. I'm writing a generic syslog collector and am hoping to have some results by end of week. Thanks for following up.
Nov 29 2020 03:49 PM
Hi mate,
I am running Watchguard XTM firewalls, I was wondering if you made any progress and also noticed there is now native support for Watchguard XTM devices.
Nov 30 2020 12:55 AM
Dec 07 2020 04:32 AM
@Boris_Kacevich Saw this too, although have difficulty getting it to work..
I've gone down the route of setting up Ubuntu in Azure with a Docker log collector but Cloud App Security doesn't seem to pick anything up.
Firebox seems to be configured to send logs to it correctly.
Google doesn't come back with much 😞
Jan 11 2021 03:25 PM
@stierer54 I have done the same as you and not seeing any data in the CAS portal. I raised it with my WatchGuard contact and he has advised be they have a known issue with Microsoft to correct this issue. I am waiting for more details back about the issue and the expected ETA on a fix.
Jan 11 2021 11:52 PM
Hi everyone,
There was indeed an issue with the log format and a fix was deployed - the ETA for its availability in all tenants is during the week of the 18th of January.
If you will keep encountering this issue, I suggest opening a support case for Cloud App Security.
Boris
Jan 21 2021 10:54 AM
Do you have a case number or status update on this issue? We also tried setup of the Log Collector from a Watchguard device and though it uploaded logs, nothing ever showed.