1 of 1 people found this helpful
First, have you tried using the "Add Node" wizard to have it scan your syslog and suggest the right connector? It'll scan through your logs and match against the connectors to try to figure out what goes where.
Next, I am not quickly finding what/whether a connector matches up, so if in doubt that there is a connector or add node wizard doesn't find one, feel free to submit a support request - if we don't have coverage, we should be able to add it (this seems weird to me for the virus logs especially, but maybe it's just not come up since most people are using the web filter). I know for sure the Barracuda Admin connector will catch the device changes, that one is universal across all the native Barracuda devices.
Thanks for your response. The Barracuda Admin connector successfully pulls in syslogs from our load balancers, but not our spam & virus firewalls... Edit: The Admin side works after using generating an event with a failed login. So that's good! But I still need to figure out the mail-side syslogs.
I tried a Node discovery yesterday, and got a couple of results, but they were erroneous: an F5 appliance and something else that we don't have. I'm not sure if this was from the Barracuda syslogs or not to be honest, so I'll try again today and update this thread if something works out.
I will submit a support request for a connector specific to the Spam & Virus firewall. Thank you for that suggestion. In the meantime if you or anyone else have any further advice I'll gladly try it!