Syslog Forwarder
1. Introduction
Since Cisco FMC (Firewall Management Center) and Cisco ISE (Identity Services Engine) cannot send threat events or failed authentication events directly to an HTTP destination, we require a Syslog service to bridge the gap between these systems and our centralized log collector service. This Syslog container acts as an intermediary, forwarding logs from Cisco ISE and Cisco Firepower to NxtFireGuard.
2. What You'll Need
1. Virtual Machine with the following specs:
- 2 CPU Cores
- 4 GB RAM
- 20 GB Hard Disk
- 1x Network Interface
2. A valid NxtFireGuard License Key
3. Install the Latest Ubuntu or Debian Server OS 🐧
4. Update Package Sources and Upgrade Packages 🔄
sudo apt-get update -y && sudo apt-get upgrade -y
5. Install Docker 🐳
5.1 For Debian 11 & 12
Remove Conflicting Packages ❌
for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done
Add Docker’s GPG Key 🔑
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
Add Docker Repository to Apt Sources 📦
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
Install Docker Packages 📥
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Verify Installation ✅
sudo docker run hello-world
5.2 For Ubuntu 24.04, 22.04 & 20.04
Remove Conflicting Packages ❌
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
Add Docker’s GPG Key 🔑
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
Add Docker Repository to Apt Sources 📦
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
Install Docker Packages 📥
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Verify Installation ✅
sudo docker run hello-world
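Before trusting packages from the new repository, it is worth confirming that the apt entry is pinned to the dedicated keyring and served over HTTPS, and that the keyring file cannot be modified by non-root users. The script below is an added example, not part of the original guide or of NxtFireGuard's tooling. The function names are hypothetical, the sample entry is constructed, and `audit_docker_apt` assumes the `ID` value in `/etc/os-release` is `debian` or `ubuntu`.

```shell
#!/bin/sh
# Added example: audit the apt source entry and keyring created in section 5.

# check_docker_source LINE DISTRO CODENAME
# Prints "ok" (status 0) or the first problem found (status 1).
check_docker_source() {
    cds_line=$1 cds_distro=$2 cds_codename=$3
    case $cds_line in
        "deb "*) ;;
        *) echo "not a deb entry"; return 1 ;;
    esac
    case $cds_line in
        *"signed-by=/etc/apt/keyrings/docker.asc"*) ;;
        *) echo "missing signed-by keyring pin"; return 1 ;;
    esac
    case $cds_line in
        *"] https://download.docker.com/linux/$cds_distro "*) ;;
        *) echo "unexpected repository URL"; return 1 ;;
    esac
    case $cds_line in
        *" $cds_codename stable") ;;
        *) echo "unexpected suite or component"; return 1 ;;
    esac
    echo ok
}

# keyring_mode_ok FILE
# Succeeds only if FILE is non-empty and not writable by group or others
# (chmod a+r in the guide adds read permission only).
keyring_mode_ok() {
    [ -s "$1" ] || return 1
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# audit_docker_apt: apply both checks to the live host (the subshell keeps
# the os-release variables out of the caller's environment).
audit_docker_apt() (
    . /etc/os-release
    line=$(sed -n '/^deb /{p;q;}' /etc/apt/sources.list.d/docker.list) || exit 1
    check_docker_source "$line" "$ID" "$VERSION_CODENAME" || exit 1
    keyring_mode_ok /etc/apt/keyrings/docker.asc ||
        { echo "keyring missing, empty, or group/world-writable"; exit 1; }
)

# Constructed sample entry, shaped like the output of the echo | tee step.
SAMPLE='deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable'
check_docker_source "$SAMPLE" debian bookworm
```

On the VM itself, call `audit_docker_apt` after the repository step; a non-zero exit status means the entry or the keyring should be recreated before installing the Docker packages.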
6. Install Git 🛠️
sudo apt-get install git -y
7. Create User & Add to Docker Group 👤
7.1 Create a User
Replace <username> with the desired username.
sudo adduser <username>