Barracuda Web Filter

You can integrate Barracuda Web Filter appliance events with JSA.

The Barracuda Web Filter DSM for JSA accepts web traffic and web interface events in syslog format that are forwarded by Barracuda Web Filter appliances.

Web traffic events contain the events, and any actions that are taken when the appliance processes web traffic. Web interface events contain user login activity and configuration changes to the Web Filter appliance.

Before You Begin

Syslog messages are forward to JSA by using UDP port 514. You must verify that any firewalls between JSA and your Barracuda Web Filter appliance allow UDP traffic on port 514.

Configuring Syslog Event Forwarding

Configure syslog forwarding for Barracuda Web Filter.

Log in to the Barracuda Web Filter web interface.
Click the Advanced tab.
From the Advanced menu, select Syslog.
From the Web Traffic Syslog field, type the IP address of your JSA console or Event Collector.
Click Add.
From the Web Interface Syslog field, type the IP address of your JSA console or Event Collector.
Click Add.

The syslog configuration is complete.

Syslog Log Source Parameters for Barracuda Web Filter

If JSA does not automatically detect the log source, add a Barracuda Web Filter log source on the JSA Console by using the syslog protocol.

When using the syslog protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect syslog events from Barracuda Web Filter:

Table 1: Syslog Parameters for the Barracuda Web Filter DSM
Parameter	Value
Log Source Name	Type a name for the log source.
Log Source Description	Type a description for the log source.
Log Source type	Barracuda Web Filter
Protocol Configuration	Syslog
Protocol Configuration	Type the IP address or host name for the log source as an identifier for events from your Barracuda Web Filter appliance.