Forwarding the logs to the siem server by configuring the UDP Port

From Secure Web Gateway
Share/Save/Bookmark
Revision as of 17:10, 27 December 2017 by Samidha12 (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Basically this configuration is used for monitoring real time access logs,extended logs and native logs.

How to configure ?

1.Go to SafeSquid Interface
2.Click on Support at right top corner
3.Click on Startup Params menu.

EXTENDED_UDP_IP        :  Syslog server IP or Siem IP
NATIVE_UDP_IP              :  Syslog server IP or Siem IP
EXTENDED_UDP_PORT  :  UDP Port (514)
NATIVE_UDP_PORT        :  UDP Port (514)

Forwarding logsSlide1 (1).PNG
 
Forwarding logsSlide1 (2).PNG
 
Forwarding logsSlide1 (3).PNG
 
Forwarding logsSlide1 (4).PNG
 
Forwarding logsSlide1 (5).PNG
 
Forwarding logsSlide1 (6).PNG