Showing results for tags 'Syslog'.
Hey all, we configured our syslog settings to forward logs to our logging server. It appears to only sort of be working. We'll get a detection at 2:08 AM, but they aren't forwarding to our logging server until a few hours later. And we're noticing sometimes nothing gets forwarded. Is there any better documentation outside of the "just put your syslog server settings here" that is in the Management Console? Or any hints or tips on how to make this work better?
We have implemented a SIEM appliance, AlienVault, but are unable to get the syslog from Management Console to populate into this appliance. Does anyone have any insight into the integration between these two appliances/software?
I'd like to request the ability to pull the policy key/value pair from Malwarebytes into syslog. I forward Malwarebytes syslog to Splunk, and one thing missing is the ability to easily report on each separate group. When reviewing within the management console, I see that each group has an associated policy that would be great to report on in Splunk. Thx