Configuring Syslog services
Configure the Control Room to export Audit Log entries in Syslog format to remote Syslog compatible log management servers.
This task is performed by the Control Room administrator. You must have the necessary rights and permissions to complete this task.
Pushing Audit Log entries to remote Syslog servers enables you to integrate and leverage advance searching and reporting features of security information and event management (SIEM) solutions. To configure server(s) where audit records will be sent in standard Syslog format, do the following:
- Click Edit.
- Click the Add icon.
Enter the Syslog server information.
You can enter more Syslog servers by repeating the step.
Option Action Syslog server hostname Full qualified domain name (FQDN) or the IP address of the Syslog server to deliver the log reports. Port Port that the remote Syslog server uses to receive incoming Syslog records (for example, port 514). Protocol TCP or UDP. Use Secure Connection Use a TLS encrypted channel to send Syslog records to the remote server. This option is available for TCP only.
- Click Save.