ESET Online Help

Search English
Select the topic

Syslog security restrictions and limits

Due to the security requirements for Syslog server connection, the following settings are fixed and cannot be changed:

Transport protocol: TLS

TCP port: 6514

For the same reasons there are additional requirements on the receiving Syslog server:

IP address: Globally routable IPv4 address

IDN names : Must use ASCII representation ("xn--")

FQDN: Must translate to a single fixed IPv4 address.


note

Using FQDN

If your Syslog server operates under multiple machines / IP addresses (CDN), there is no guarantee when and how often the FQDN is re-resolved. It is, however, guaranteed that the first FQDN resolution is completed within a 10-minute window after the server's start as long as the Syslog export is enabled and correctly configured.

Additional security settings

Administrators should configure their Syslog server's firewall to allow incoming Syslog Export events only from the following IP ranges:

Outgoing IP addresses from ESET PROTECT in the Europe region:

51.136.106.164

51.136.106.165

51.136.106.166

51.136.106.167

Outgoing IP addresses from ESET PROTECT in the USA region:

40.81.8.148

40.81.8.149

40.81.8.150

40.81.8.151

Outgoing IP addresses from ESET PROTECT in the Japan region:

20.78.10.184

20.78.10.185

20.78.10.186

20.78.10.187

Outgoing IP addresses from ESET PROTECT in the Canada region:

20.48.241.160

20.48.241.161

20.48.241.162

20.48.241.163