Views:
You can configure ScanMail to forward events to an external syslog or Security Information and Event Management (SIEM) server. All events are forwarded in clear text.

Procedure

  1. Click LogsLog Forwarding.
    The Log Forwarding Settings screen displays.
  2. Select Enable log forwarding to enable log forwarding.
  3. Under Setting for Log Receiving Unit section, configure the following:
    • IP Address: IP address of the log receiving server.
    • Port: Port number of the log receiving server.
    • Transportation Type: Protocol to be used to transport logs to the log receiving server.
      If you select TCP, you can also select Enable SSL to encrypt log content.
    • Facility: Machine process that created the syslog event.
    • Severity: Severity level of the log.
  4. Under Setting for Log Forwarding section, configure the following:
    • Frequency: Frequency for collecting and forwarding logs.
    • Event Format: Select the event log format.
    • Log Type: Select the type of logs you want ScanMail to forward.
  5. Click Test Network Connection to verify the connection with the log receiving server.
  6. Click Save.