Feature Requests

We have Many clients who are working on CMMC and NIST complaincies. One of the controls we need to check for is monitoring and alerting on SSL VPN Failed Logins. Normally, we would fire off an alert from the sonicWALL when this was detected, but our compliance expert has told us that the reporting has to come from something other than the SonicWALL. we were hoping that we could leverage a tool we were already using instead of needing to set up a Syslog server, and then another tool to parse those logs Adding the SonicWALL log data to the data print. We have the Event ID, so writing a metric that pulls the event ID and also contains the word failure would be easy enough once that data was available, but without access to the Data, we can't do that.

I'd like to be able to check and see if there's an available firmware update for a SonicWall via Liongard. This would remove steps from multiple processes that require us to go and compare the Liongard data to the MySonicWall portal and manually check for the firmware update. It appears as though MySonicWall has an API: https://api.mysonicwall.com/mssp.html . This API can be used to retrieve current firmware versions via /api/downloads/{serialnumber}. Perhaps Liongard could offer a field for "username" to authenticate to MySonicWall in the inspector setup, and then the API could be called and pass in the SonicWall's serial number and language along with the specified username to call the API at the same time that it runs an inspection on the SonicWall?

I see that the Sonicwall inspector is pulling Static Arp Entries and Arp Settings, but not "Arp Cache". Can that be added? I would expect the Arp Cache to be collected and saved, similar to DHCP Leases

We are attempting to utilize the data in the ARP Cache to create a metric. When querying for the data in ArpCache for 6.x (inspector version 1.0.0) or ArpEntries for 7.x (inspector version 7.0.0) the result will return as either an empty array or a null value. When searching for the data manually, the use case that we are trying to have this metric/alert for does not have the right data appearing anywhere else in the data print. I would like to see the arrays associated with ArpCache and ArpEntries be populated with the data similar to how the DHCPLeases array is populated.

Can we please have the MFA status for users collected and when the MFA gets disabled/Enabled for specific user.

This is a SonicWALL, same as the others. This should be able to be inspected by the current inspector. Have the SonicWALL Inspector support azure hosted SonicWALLs.

It is cumbersome to log into each discovered device, update the version add the information. Either do this like 3CX, default to version 7 or something to make this easier