Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

SonicWall Firewall Integration Guide

integrations network sonicwall firewall

SonicWall firewalls must be configured to send logs via syslog to the Taegis™ XDR Collector.

Connectivity Requirements

Source Destination Port/Protocol
SonicWall Taegis™ XDR Collector (mgmt IP) UDP/514

Data Provided from Integration

  Antivirus Auth DHCP DNS Email Encrypt File HTTP Management Netflow NIDS Process Thirdparty
SonicWall Firewall   D Y D       D   D V    

Y = Normalized | D = Out-of-the-Box Detections | V = Vendor-Specific Detections


Taegis™ XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.

Logging Configuration Instructions

To configure the SonicWall SonicOS syslog, follow the guide provided by SonicWall. Ensure you complete the following fields with the correct values:

Configuring SonicWall SonicOS syslog

Configuring SonicWall SonicOS syslog


On this page: