Difference between revisions of "Forwarding the logs to the siem server by configuring the UDP Port"

From Secure Web Gateway
en>Samidha12
 
m (1 revision imported: Importing all pages)
 

Latest revision as of 15:36, 24 July 2021

Basically this configuration is used for monitoring real time access logs,extended logs and native logs.

How to configure ?

1.Go to SafeSquid Interface
2.Click on Support at right top corner
3.Click on Startup Params menu.

EXTENDED_UDP_IP        :  Syslog server IP or Siem IP
NATIVE_UDP_IP              :  Syslog server IP or Siem IP
EXTENDED_UDP_PORT  :  UDP Port (514)
NATIVE_UDP_PORT        :  UDP Port (514)

Forwarding logsSlide1 (1).PNG
  
Forwarding logsSlide1 (2).PNG
  
Forwarding logsSlide1 (3).PNG
  
Forwarding logsSlide1 (4).PNG
  
Forwarding logsSlide1 (5).PNG
  
Forwarding logsSlide1 (6).PNG
  

 

Retrieved from "https://docs.safesquid.com/index.php?title=Forwarding_the_logs_to_the_siem_server_by_configuring_the_UDP_Port&oldid=91"