Forward logs from Kiwi to Solarwinds SEM and keep source IP Unchanged

Hi everyone, 

I am trying to deploy a complex system because we have different locations which are connected through VPN site to site. I thought was better to install a local syslog to each of the sites and forward the logs to Solarwinds SEM. 

I am using Kiwi Syslog server on each site and configured the forwarding rules. What i do not like about this implementation is that the logs in Solarwinds SEM are showing as they are coming from Kiwi and not from actual device. I can not understand what is that log linked too. I am sending logs to Kiwi from Sonicwall, different switches, but when those are forwarded to Solarwind SEM are showing as single IP ( Kiwi IP). 

Does anyone has any experience how to configure the local Syslog and forward the logs to Solarwinds SEM but keep the original source IP? I want to follow this model here :

Thank you


Parents Reply Children
No Data