SIEM Tab
Use the SIEM tab to configure settings for the saving Management event logs in a SIEM.
The tab contains the following configuration fields:
Field | Description |
---|---|
Enable SIEM events | To activate SIEM logging, select the Report to SIEM checkbox. |
SIEM Server address | Address of the SIEM system collector service. Specify a hostname where the address represents a fully qualified hostname or an IPv4 address. The default is empty. When the address is empty, the server uses its own IP as an address. |
SIEM Server port | Specifies the UDP port of the SIEM system collector service. Specify a positive integer between 1 and 65535. The default is 514. For more information about SIEM logging in Management, see Sending Logs to SIEM in CEF Format. |
To test the connection settings , click at the bottom of the screen.
n | If the settings are valid, a verification code is displayed in Management. For example: |
The same code should appear in your SIEMÂ system.
n | If the settings are invalid, an error is displayed below the button. |
Comments
0 comments
Please sign in to leave a comment.