cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Syslog Over TCP

Hi Team,

I know by default syslog uses UDP 514, is there a way to enforce TCP use when sending logs from the checkpoint side?

I am thinking since syslog uses both TCP and UDP and the port number is the same, if the syslog server is configure to accept only TCP, checkpoint should be able to work with that.

If there is a way to force checkpoint to send the logs over TCP, please let me know.

2 Replies

Re: Syslog Over TCP

Create NAT rule?

Original Source: firewall

Original Destination: Syslog server

Original Service: udp_514

Translated Source: original

Translated Destination: original

Translated Service: tcp_514

Kind regards,
Jozko Mrkvicka
0 Kudos

Re: Syslog Over TCP

Well, implied rules come first before any other rules so that mean--I have to disable the implied and create explicit rule. 

Checkpoint should be able to decide what services it should use base on the server setting--if the server is configure to use tcp 514--send logs using that but I dont think it do--which is sad to say.

0 Kudos