Surf Soho Logging

inthelight · August 11, 2019, 2:31pm

Hello. recently purchased and installed a Surf SOHO MK3 for my network, it’s up and running fine. I would like to capture logs of rejected incoming requests but I don’t see a way to turn on logging for the default inbound rule, am I missing something?

Also, looking at setting up a linux box for remote syslog, wondering if Graylog is compatible for capturing/analyzing syslog events? If not Graylog, what software is recommended?

Zach_Tangen · August 12, 2019, 1:59pm

Hello inthelight,

The default rules do not allow logging to be enabled and another rule will have to be created to start logging. Graylog should work just fine.

inthelight · August 13, 2019, 3:30pm

So then if I just duplicate the default rule I can add logging?

Zach_Tangen · August 13, 2019, 5:00pm

You will see a few more options when creating a new rule but you yes, you should duplicate the default rule if you’re using the SOHO to deny inbound traffic.