Exciting news! We are redesigning the Arctic Wolf Help Documentation site to provide a better user experience. Our new site will launch on May 1, 2024.

Forcepoint NGFW Logs

Updated Apr 17, 2024

Configure Forcepoint NGFW to send logs to Arctic Wolf

You can configure Forcepoint Next-Generation Firewall (NGFW)® to send the necessary logs to Arctic Wolf® for security monitoring.

Requirements

Steps

  1. Configure Forcepoint NGFW security monitoring.
  2. Provide your Forcepoint NGFW information to Arctic Wolf.

Step 1: Configure Forcepoint NGFW security monitoring

Note: You must use an account with access to the Forcepoint Stonesoft Management Center (SMC) and Forcepoint NGFW Engines to complete this configuration.

  1. Sign in to your Forcepoint SMC.
  2. Click Home.
  3. Click Others > Log Server.
  4. Right-click the log server that you want to forward logs from, and then select Properties.
  5. Click the Log Forwarding tab.
  6. Click Add.
  7. Double-click the Target Host field, and then select the Arctic Wolf Sensor where you will forward the logs to.
  8. Click Add, and then configure these settings:
  9. Click OK.

Step 2: Provide your Forcepoint NGFW information to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.

  2. Click the Tickets tab, and then do one of these actions:

    • New customers — In the Ticket Type list, select Onboarding. Then, click the existing [Deploy] Site Config: <ticket_subject> ticket.
    • Existing customers — Click Open a New Ticket.
  3. On the Open a New Ticket page, configure these settings:

    • What is this ticket related to? — Select General request.
    • Subject — Enter Syslog changes.
    • Related ticket (optional) — Keep empty.
    • Message — Enter this information for your Concierge Security® Team (CST):
      • Confirmation that you completed the steps in this configuration guide.
      • The IP address or hostname you used during the configuration.
      • Questions or comments that you have.
  4. Click Send Message.

    Your CST will review the details and make sure that Arctic Wolf is successfully processing the logs.