https://support.eset.com/kb5777
Issue
- ESET Remote Administrator version 6.3 and later is able to send notifications to your Syslog server
- Export Threat events, Firewall Aggregated events and HIPS Aggregated events
Solution
To perform the steps in this article, a user must have the following permissions for their home group:
Once these permissions are in place, follow the steps below:
- Open ESET Remote Administrator Web Console (ERA Web Console) in your web browser and log in. How do I open ERA Web Console?
- Click Admin → Server Settings and expand Advanced Settings.
Figure 1-1
Click the image to view larger in new window - In the Syslog Server section, complete the following steps (see figure 1-2):
- Click the slider bar next to Use Syslog server
- Host: Type the IP address or hostname for the destination of Syslog messages
- Port: Default value is 514
- In the Logging section, click the slider bar next to Export logs to Syslog and click Save.
Figure 1-2
Click the image to view larger in new window - For a detailed list of the format and meaning of attributes of all exported events (Threat events, ESET Firewall events and HIPS events), visit the Export logs to Syslog Online Help topic.
Reactie toevoegen
Log in of registreer om een reactie te plaatsen.