Syslog server

If you have a Syslog server running in your network, you can configure ERA Server to send Notifications to your Syslog server. You can also enable Export logs to Syslog in order to receive certain events (Threat Event, Firewall Aggregated Event, HIPS Aggregated Event, etc.) from client computers running ESET Endpoint security, for example.

To enable Syslog server, navigate to Admin > Server Settings > Advanced Settings > Syslog Server and use the switch next to Use Syslog server. Specify the following mandatory settings - Host (IP address or hostname - destination for Syslog messages) and a Port number (default value is 514).

syslog_server

Syslog messages will be sent to the Syslog server via UPD (User Datagram Protocol). If you also want to have client computer logs/events sent to your Syslog server, use the switch next to Export logs to Syslog to enable it. Click Save.

icon_details_hoverNOTE

The regular application log file is constantly being written to. Syslog only serves as a medium to export certain asynchronous events such as notifications or various client computer events.