Forwarding the logs to the siem server by configuring the UDP Port

From Secure Web Gateway
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Basically this configuration is used for monitoring real time access logs,extended logs and native logs.

How to configure ?

1.Go to SafeSquid Interface
2.Click on Support at right top corner
3.Click on Startup Params menu.

EXTENDED_UDP_IP        :  Syslog server IP or Siem IP
NATIVE_UDP_IP              :  Syslog server IP or Siem IP
EXTENDED_UDP_PORT  :  UDP Port (514)
NATIVE_UDP_PORT        :  UDP Port (514)

Forwarding logsSlide1 (1).PNG
  
Forwarding logsSlide1 (2).PNG
  
Forwarding logsSlide1 (3).PNG
  
Forwarding logsSlide1 (4).PNG
  
Forwarding logsSlide1 (5).PNG
  
Forwarding logsSlide1 (6).PNG
  

 

Retrieved from "https://docs.safesquid.com/index.php?title=Forwarding_the_logs_to_the_siem_server_by_configuring_the_UDP_Port&oldid=91"