Jump to content
Sign in to follow this  
smash007

About ESET Security Management Center Syslog Settings

Recommended Posts

Hello, can you be more specific, about what you would like to configure? Currently, when you enable syslog export, the standard set of logs is being exported. Format / legend is further explained here: https://help.eset.com/esmc_admin/70/en-US/admin_server_settings_syslog.html?events-exported-to-json-format.html

We currently do not support any advanced configuration for this. 

Share this post


Link to post
Share on other sites
Posted (edited)

 

Hi MichalJ. I want to set up a facility for transferring Eset's Syslog to a Syslog server. After confirming the Syslog communication transferred from Eset, the facility has been transferred by user.

For example,I want to receive it in any of local0 to local7

Edited by smash007

Share this post


Link to post
Share on other sites

As I am not able to properly understand your intentions, the best thing I would recommend is that you contact Canon, our exclusive distributor in Japan, that might be able to help you with addressing your request. They have trained staff to assist you. 

Share this post


Link to post
Share on other sites

I want to set the facility code number when reporting log information from Eset Security Manager in SYSLOG

Share this post


Link to post
Share on other sites
7 hours ago, smash007 said:

I want to set the facility code number when reporting log information from Eset Security Manager in SYSLOG

As far as I know and can see, you can't specify the facility to send to.  That said, it doesn't mean you can't set up a sys log server which listens to that port and process the incoming info via a script (bash, python...whichever you fancy).   Theoretically, you can even set up a syslog server script using a different port to 514,  which reads incoming information and then resend it directly to the local syslog server (and to whichever facility you choose).

While it is an indirect way/workaround to the current issue of no facility-specifications in the syslog config, it's better than nothing.

Edmund

 

 

Share this post


Link to post
Share on other sites

ewon. Thank you for your reply.
After all you can not set facility.
I'm sorry.
I confirmed that the facility will be imported as "user" when forwarding logs to the Syslog server, so I wanted to change it.
Consider changing the port number instead of the log file and importing directly by telegram.
Thank you

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...