Support for StoneGate Firewall Logs
Tenable Log Correlation Engine customers who have Stonegate firewalls within their environment can now make use of a new normalization library. The new PRM parses logs obtained from the Stonesoft product. The new PRM is available here.
If you have Stonegate firewalls within your network, download this new library, place it in the /usr/thunder/daemons/plugins directory, and then restart the thunderd process. If you are using the Never Before Seen TASL script, you should also update your PRM_mappings.prm file, which contains the event IDs for the new Stonegate logs.
The current list of supported network- and host-based firewall logs includes:
- Checkpoint
- Cisco ASA
- Cisco PIX
- CyberGuard (Secure Computing)
- Gauntlet
- Juniper
- Astaro
- Arkoon
- Fortinet
- ipchains
- Iptables
- Ipfilter
- Kerio
- NetGear
- OpenBSD's pf
- SideWinder (Secure Computing)
- SonicWall
- Stonegate
- PortSentry
- Sygate
- Symantec
- Windows XP
- ZoneAlarm