SIEM Tab
Use the SIEM tab to configure settings for the saving Management event logs in a SIEM.
The tab contains the following configuration fields:
Field | Description |
|---|---|
| Enable SIEM events | To activate SIEM logging, select the Report to SIEM checkbox. |
| SIEM Server address | Address of the SIEM system collector service. Specify a hostname where the address represents a fully qualified hostname or an IPv4 address. The default is empty. When the address is empty, the server uses its own IP as an address. |
| SIEM Server port | Specifies the UDP port of the SIEM system collector service. Specify a positive integer between 1 and 65535. The default is 514. For more information about SIEM logging in Management, see Sending Logs to SIEM in CEF Format. |
To test the connection settings , click 
at the bottom of the screen.
| n | If the settings are valid, a verification code is displayed in Management. For example: |
The same code should appear in your SIEMÂ system.
| n | If the settings are invalid, an error is displayed below the button. |
Comments
0 comments
Please sign in to leave a comment.