Syslog server
If you have a Syslog server running in your network, you can configure ESET PROTECT Server to send Notifications to your Syslog server. You can also enable Export logs to Syslog to receive certain events (Detection Event, Firewall Aggregated Event, HIPS Aggregated Event, etc.) from client computers running ESET Endpoint Security, for example.
To enable Syslog server:
1.Navigate to More > Settings > Advanced Settings > Syslog Server and click the slider bar next to Use Syslog server.
2.Specify the following mandatory settings:
a.Host (IP address or hostname of the destination for Syslog messages)
b.Port number (default value is 514).
c.Format of the log: BSD (specification), Syslog (specification)
d.Transport protocol for sending messages to Syslog (UDP, TCP, TLS)
After making changes, click Save.
The regular application log file is constantly being written to. Syslog only serves as a medium to export certain asynchronous events, such as notifications or various client computer events. |