How to - Activate Log Ingestion in Clavister Cloud Services

Last modified on 7 Feb, 2024. Revision 12
Up to date for
Clavister Cloud Services 3.1.2
Status OK
Subscription Required
Clavister NetWall with a Basics or higher
Clavister NetShield with Essentials or higher

This guide describes how to activate the Log Ingestion add-on service that is used to allow sending logs from on-prem NetWall and NetShield into the Clavister Cloud Services.

The guide uses our example company ShieldIT as <company_name> through the different steps

The guide assumes you already have an Clavister Cloud Service instance deployed, and you are enrolled to the service and can access the console of Clavister Cloud Services.

(See related articles below for for enrolling to the service)

Accessing Cloud Services

Access Clavister Cloud Services, example using ShieldIT below:

When trying to access Cloud Services a QR code will be displayed on your computer, scan this with the OneTouch app, it will ask for confirmation. This will authenticate you and log you into the console. 

Activating Log Ingestion Add-on service

Navigate to the Add-ons menu and select Log Ingestion

Select Start configuration to start the Log Ingestion wizard.

Click + Generate key to create the IPsec Pre-Shared Key for the IPsec tunnel used to receive the logs.

Ensure that you save the generated key for later use in cOS Core and click Activate to start the deployment process.

The generated Keys are no longer accessible to copy once the Activation Key button is pressed

After the clicking activate the deployment will start.

It can take a few minutes for the activation.

When the deployment is done it’s possible to download a script file for easier deployment of the IPsec tunnel and Syslog configuration in NetWall (cOS Core), we recommend downloading this script and storing it for future use. When downloaded, click Done to close the wizard.

The generated script will no longer be accessible once the wizard is closed.

At this point the Log Ingestion service will be deployed in the cloud service back-end, the webpage should get populated with the additional information to be used when configuring the on-prem firewall

See related articles below for configuring your OnPrem firewall to work with this service.

Related articles