Export logs to Syslog

In version 6.3 it exports ThreatEvent, FirewallAggregatedEvent and HIPSAggregatedEvent generated on managed endpoints. These exported events can be processed by any SIEM solution capable of import from syslog. Events are written to syslog by ESET Remote Administrator Server.

To enable event log export, first, the syslog export has to be enabled. For information on how to enable syslog export see ERA 6 syslog. After enabling syslog export navigate to ADMIN → Server Settings →LOGGING and toggle Export logs to Syslog on. Event messages are formatted in JSON.