Configuring Syslog Settings

When receiving events, Trend Micro Email Security stores the events in its database and forwards syslog messages to an external syslog server in a structured format, which allows third-party application integration.

The Syslog Settings screen is compose of the following tabs:

  • Syslog Forwarding: Specifies the mapping between syslog servers and different types of logs.

  • Syslog Server Profiles: Enables you to add, edit or delete syslog servers for syslog forwarding.

Note:
  • To ensure Trend Micro Email Security can properly forward syslog messages, configure your firewall to accept connections from the following IP addresses or CIDR blocks:

    • North America, Latin America and Asia Pacific:

      18.208.22.64/26

      18.208.22.128/25

      18.188.9.192/26

      18.188.239.128/26

    • Europe, the Middle East and Africa:

      18.185.115.0/25

      18.185.115.128/26

      34.253.238.128/26

      34.253.238.192/26

    • Australia and New Zealand:

      13.238.202.0/25

      13.238.202.128/26

  • Be aware that Trend Micro Email Security keeps syslog messages for 7 days if your syslog server is unavailable. Messages older than 7 days will not be restored when your syslog server recovers.