Marking general events for export in Syslog format
Marking general events for export in Syslog format
You can mark general events that Administration Server will export to SIEM systems by using the Syslog format.
To mark general events for export to a SIEM system:
- Do one of the following:
- In the main menu, click the settings icon (
) next to the name of the required Administration Server. - In the main menu, go to 资产(设备) → 策略和配置文件, and then click a link of a policy.
- In the main menu, click the settings icon (
- In the window that opens, go to the 事件配置 tab.
- Click 使用 Syslog 标记以导出到 SIEM 系统.
Also, you can mark an event for export to SIEM system in the 事件注册 section, that opens by clicking the link of the event.
- A check mark (
) appears in the Syslog column of the event or events that you marked for export to the SIEM system.
From now on, Administration Server sends the marked events to the SIEM system if export to the SIEM system is configured.
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.