Forwarding the logs to the siem server by configuring the UDP Port

From Secure Web Gateway
Revision as of 15:36, 24 July 2021 by Manish (talk | contribs) (1 revision imported: Importing all pages)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Basically this configuration is used for monitoring real time access logs,extended logs and native logs.

How to configure ?

1.Go to SafeSquid Interface
2.Click on Support at right top corner
3.Click on Startup Params menu.

EXTENDED_UDP_IP        :  Syslog server IP or Siem IP
NATIVE_UDP_IP              :  Syslog server IP or Siem IP
EXTENDED_UDP_PORT  :  UDP Port (514)
NATIVE_UDP_PORT        :  UDP Port (514)

Forwarding logsSlide1 (1).PNG
 
Forwarding logsSlide1 (2).PNG
 
Forwarding logsSlide1 (3).PNG
 
Forwarding logsSlide1 (4).PNG
 
Forwarding logsSlide1 (5).PNG
 
Forwarding logsSlide1 (6).PNG