System logging protocol, or syslog, forwards events and logs to a centralized system to be analyzed. You can configure your syslog server to send the necessary logs to Arctic Wolf® for security monitoring. These events and logs include information about severity levels, timestamps, IP addresses, geolocations, and more. Arctic Wolf only supports select types of log ingestion.

Arctic Wolf supports network log forwarding for these products:

Vendor	Log source type	Ingestion method
Check Point Quantum®	Network	Syslog
Cisco Adaptive Security Appliance (ASA)®	Network	Syslog
Cisco Firepower Threat Defense (FTD)®	Network	Syslog
Cisco Meraki Firewall®	Network	Syslog
Cisco Meraki WAP®	Network	Syslog
Citrix NetScaler®	Network	Syslog
CyberArk Privileged Access Manager (PAM)®	PAM	Syslog
Dell switch®	Network	Syslog
Forcepoint Next-Generation Firewall (NGFW)®	Network	Syslog
Fortinet Next-Generation Firewall (NGFW)®	Network	Syslog
Fortinet FortiManager®	Network	Syslog
Infoblox®	Network	Syslog
Juniper NGFW®	Network	Syslog
Netgate pfSense Plus	Network	Syslog
Palo Alto Networks Firewall and Panorama®	Network	Syslog
SonicWall®	Network	Syslog
Sophos Enterprise Console®	Network	Syslog
Sophos XG Firewall®	Network	Syslog
Trellix ePolicy Orchestrator (ePO)®	Network	Syslog
Trend Micro Apex Central®	Endpoint	Syslog
Ubiquiti TOUGHSwitch PoE®	Network	Syslog
Ubiquiti UniFi®	Network	Syslog
Varonis®	Network	Syslog
WatchGuard®	Network	Syslog
Windows Network Policy Server (NPS)®	Network	Syslog
Zscaler Internet Access (ZIA)®	Network	Syslog, AWN webhook API
Zscaler Private Access (ZPA)®	Network	Syslog

To configure other syslog integrations, see Configure a syslog server to send logs to Arctic Wolf.