Include clientless access logs in the messages sent by syslog reporting service of the XG FW
We are using clientless access VPN to allow remote VNC sessions.
XG firewall realease is : SFOS 18.0.3 MR-3
In order to create dashbords for clientless activity and bookmarks usage correlated with data from other systems, we need to centralize clientless activity logs from the XG FW to a global log server.
On the XG firewall, we configured syslog for all logs but we were unable to receive logs for clientless detailed sessions. They are visibly not handled by syslog.
The only way to access the logs is to read the /log/clientlessacces.log file directly, or to download it via scp connexion with admin user.
This is not suited to production environment.
Another drawback, is that logs in the clientlessaccess.log file are not correctly horodated. No year and timezone specified. The file also contains log lines without date and time.
My request is as follow :
Could you evaluate the possibility for clientless access log to be handled by the syslog service on the firewall, in order to centralize them in the log repository of the company .
At the same time date and time would be formated as the other syslog messages generated by the XG firewall.