When configuring Firewalls such as Sonicwall or Ubiquiti, their source name in Huntress SIEM is "Syslog events for 192.168.x.x", source type "SonicWall Firewall". It would be very helpful that the SIEM fetched the Syslog ID from the messages. In the Sonicwall, it is sonicwall.id . In ubiquiti, host.hostname. These fields contain the actual Firewall name or Syslog ID we have to identify them internally. If this value was shown as the Source name in Huntress, it would be very helpful. As an alternative, manually renaming the sources would be useful too