Sonicwall module in Snare Server v7.1.0

Owned by Carlos Osorio
Nov 12, 2020
1 min read


SUMMARY

Feb 25, 2016

The import module for sonicwall is in v7.1, as are the Dynamic Query templates. If sonicwall data comes into the Snare Server, it should appear in its own "SonicWall" table, and new objectives can be configured to analyse the data.

Add New Objective

NOTE: If the "Sonic Wall" category does not appear, it just means that there is no SonicWall data on the Snare Server (as yet). The "Only Display objectives that have data" checkbox can be unticked, or you can wait for data to arrive from the firewall, and be included into the sonicwall table.

  1. Click on the new objective, select the 'Configure' button.

  2. Choose the 'Change Type' button up near the top right corner of the window.

  3. Search for "Sonic Wall". There is an example objective under "Packet Logs" called "dropped packets", and may be modified as required.