Skip to content

Barracuda Email Security

The Barracuda Email Security Service is a cloud-based email security service that protects both inbound and outbound email against the latest spam, viruses, worms, phishing, and denial of service attacks.

Reference: https://campus.barracuda.com/product/webapplicationfirewall/doc/4259935/how-to-configure-syslog-and-other-logs

If the instance is deployed in the Azure Security Center, the Barracuda Web Application Firewall adds an Azure Event Hub server with the preset custom log format for “Web Firewall Logs Format”. If a Microsoft Azure OMS server is added, some of the objects of the Web Firewall logs that are sent to the OMS server will have incorrect values. Therefore, it is recommended not to use the Microsoft Azure OMS server as an “Export Log” server when the instance is deployed in the Azure Security Center.

Configuration - Add a Syslog Server (local)

  1. Go to the ADVANCED > Export Logs page.
  2. In the Export Logs section, click Add Export Log Server. The Add Export Log Server window opens. Specify values for the following:

  3. Name - Enter a name for the CYCLOPS forwarder (ex. CYCLOPS).

  4. Log Server Type - Select Syslog NG.
  5. IP Address or Hostname - Enter the IP address of the CYCLOPS forwarder.
  6. Port - Enter the port number given to you by CYDERES that's assigned to your appliance.
  7. Connection Type - Select the connection type to transmit the logs from the Barracuda Appliance. UDP is the default protocol but TCP and SSL can be used as well.
  8. Log Timestamp and Hostname – Set to Yes to log the date and time of the event, and the hostname configured on the BASIC > IP Configuration > Domain Configuration section.

Click Add

Configuration - Add a Syslog Server (cloud)

  1. Go to the ADVANCED > Export Logs page.
  2. In the Export Logs section, click Add Export Log Server. The Add Export Log Server window opens. Specify values for the following:

  3. Name - Enter a name for the CYCLOPS forwarder (ex. CYCLOPS).

  4. Log Server Type - Select CloudSyslog Service.
  5. IP Address or Hostname - Enter the IP address of the CYDERES Cloud Collector (provided to you by CYDERES).
  6. Port - Enter the port number given to you by CYDERES that's assigned to your log collector.
  7. Log Timestamp and Hostname – Set to Yes to log the date and time of the event, and the hostname configured on the BASIC > IP Configuration > Domain Configuration section.

Click Add