ESET Online Help

Search English
Select the category
Select the topic

Syslog server

If you have a Syslog server running in your network, you can configure ESET PROTECT Server to send Notifications to your Syslog server. You can also enable Export logs to Syslog to receive certain events (Detection Event, Firewall Aggregated Event, HIPS Aggregated Event, etc.) from client computers running ESET Endpoint Security, for example.

To enable Syslog server:

1.Navigate to More > Settings > Advanced Settings > Syslog Server and click the slider bar next to Use Syslog server.

2.Specify the following mandatory settings:

a.Host (IP address or hostname of the destination for Syslog messages)

b.Port number (default value is 514).

c.Format of the log: BSD (specification), Syslog (specification)

d.Transport protocol for sending messages to Syslog (UDP, TCP, TLS)

After making changes, click Save.

Admin_server_settings_syslog


note

The regular application log file is constantly being written to. Syslog only serves as a medium to export certain asynchronous events, such as notifications or various client computer events.