How To Set Up Your WatchGuard For Reporting

Logs from WatchGuard Fireboxes can be sent to the WatchGuard Log Server. The WatchGuard Report Server takes these log entries and makes them into meaningful reports. The reports can be accessed via a web interface on http 
  1. Install Log Server and Report Server 
  2. Start WatchGuard Server Center – either by right-clicking the tray icon, or from the Start Menu. 
  3. Set the logging space to be used, and an encryption key (ie password).
  4. Review the Server Settings for the Report Server. 
  5. At this point, it is now time to configure the Firewall – open WatchGuard System Manager. Connect to your Firebox and start Policy Manager. 
  6. Navigate to Setup>> Logging...
  7. Check the box “Send log messages to...” Then click “Configure...” 
  8. Click “Add...” Enter the IP address of the Logging Server entered in Step 1. Enter the Encryption Key entered in Step 3. Click OK on each screen to return to the main policy menu. 
  9. Add a policy by clicking Edit>> Add Policy...
  10. Select a Proxy – this example will use the HTTP proxy. Click Add. 
  11. Give the policy a meaningful name. Click on the Properties tab. Click to Edit the Proxy Action.
  12. Check the box to “Enable Logging for Reports”. To configure the rest of the HTTP Proxy Action, Ensure the ‘Enable logging for reports’ option is checked for all Proxy Actions that require reporting (eg SMTP, FTP, HTTPS) It is always found in the General Settings section. 
  13. You can access the Reports in two ways: via a web browser on https://ipaddress:4122 or through WatchGuard System Manager. 

Add Feedback