Surf Soho Logging

Hello. recently purchased and installed a Surf SOHO MK3 for my network, it’s up and running fine. I would like to capture logs of rejected incoming requests but I don’t see a way to turn on logging for the default inbound rule, am I missing something?

Also, looking at setting up a linux box for remote syslog, wondering if Graylog is compatible for capturing/analyzing syslog events? If not Graylog, what software is recommended?

Hello inthelight,

The default rules do not allow logging to be enabled and another rule will have to be created to start logging. Graylog should work just fine.

1 Like

So then if I just duplicate the default rule I can add logging?

You will see a few more options when creating a new rule but you yes, you should duplicate the default rule if you’re using the SOHO to deny inbound traffic.

1 Like