Views:

  1. Go to Administration > Integrated Products/Services > Syslog.

    The Log Settings screen appears.

  2. Click Add.

    The Add Syslog Server Profile settings appear.

  3. Type a profile name for the syslog server.
  4. Type the host name or IP address of the syslog server.
  5. Type the port number.
  6. Select the protocol to be used when transporting log content to the syslog server.

    • TCP

    • UDP

    • SSL

  7. Select the format in which event logs should be sent to the syslog server.

    • CEF: Common Event Format (CEF) is an open log management standard developed by HP ArcSight. CEF comprises a standard prefix and a variable extension that is formatted as key-value pairs.

    • LEEF: Log Event Extended Format (LEEF) is a customized event format for IBM Security QRadar. LEEF comprises an LEEF header, event attributes, and an optional syslog header.

    • Trend Micro Event Format (TMEF): Trend Micro Event Format (TMEF) is a customized event format developed by Trend Micro and is used by Trend Micro products for reporting event information.

  8. Select the scope of the data that will be logged.

    • Detections

    • Alerts

    • Virtual Analyzer analysis logs

    • System events

    • Message tracking

    • Sender Filtering/Authentication

    • MTA events

  9. Click Save.
Parent topic: Log Settings