Firewall Analyzer Troubleshooting

The most common problems and troubleshooting tips for the Firewall Analyzer

Common Problems

  1. Windows Firewall blocking incoming traffic on the machine. Refer to Enable UDP on Windows for Firewall Log Analyzer.
  2. Accidentally entering the firewall's IP address instead of the monitoring device's IP address
  3. Not adding a Syslog forwarding rule on the firewall to send the logs to the Firewall Analyzer App
  4. By default, our filtering removes informational messages that do not require any action on your part. If you want to verify that everything works, go to the configuration menu and change the "Don't Report Events Lower Than This Priority" setting to Info.
    1. You should receive an app result in the RocketCyber dashboard that says "connected" when firewall data is successfully reaching the app.
  5. If you are experiencing problems with UDP, try TCP instead, or vice versa
  6. If you are using a firewall that allows you to configure the severity level of Syslog events being sent, set severity to info
  7. Ensure your logs are being sent space-separated (not comma-separated)
    1. This does not apply to vendors such as Barracuda that do not use a standard format (e.g. Barracuda logs are pipe-separated)
  8. If needed, try restarting the agent

One exception to priority-level filtering is IP Reputation Lookup. Traffic from malicious IPs will display even though it has an Info priority level.
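
A pre-flight check for items 4, 6 and 7 above, added here as an example and not RocketCyber code: it decodes the syslog priority of a captured line, reports whether the line falls below a chosen priority threshold, and flags comma-separated key=value fields. The function name, the sample lines and the assumption that the priority setting follows standard syslog severity ordering belong to this example.

```python
import re

# Standard syslog severities; the list index is the numeric severity (0 = most severe).
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")
KV_RE = re.compile(r'\w+=(?:"[^"]*"|[^\s,]+)')

# Constructed sample lines, not captured from a real firewall.
GOOD = "<134>Jan 12 10:15:02 fw01 date=2024-01-12 time=10:15:02 srcip=10.0.0.5 action=deny"
COMMA = "<134>Jan 12 10:15:02 fw01 date=2024-01-12,time=10:15:02,srcip=10.0.0.5,action=deny"


def check_line(line, min_priority="info"):
    """Return findings for one captured syslog line; an empty list means no issue found."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:
        return ["no valid <PRI> header, so this is not a standard syslog message"]
    findings = []
    severity = int(m.group(1)) % 8  # PRI = facility * 8 + severity
    # Assumption: the app's priority setting uses standard syslog ordering, so a
    # numerically higher severity is a lower priority. The IP Reputation Lookup
    # exception is not modelled here.
    if severity > SEVERITIES.index(min_priority):
        findings.append(f"severity '{SEVERITIES[severity]}' is lower than "
                        f"'{min_priority}' and would be filtered")
    # Look at the text between consecutive key=value fields to find the separator.
    fields = list(KV_RE.finditer(line, m.end()))
    gaps = [line[a.end():b.start()] for a, b in zip(fields, fields[1:])]
    if gaps and sum(g.strip() == "," for g in gaps) > len(gaps) / 2:
        findings.append("fields are comma-separated; send them space-separated")
    return findings


if __name__ == "__main__":
    for sample in (GOOD, COMMA):
        print(check_line(sample) or "ok", "<-", sample)
```

Run it against a line captured on the monitoring device (for example from a packet capture) before changing settings on the firewall.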