QuestionPerson
Posted October 6, 2021

On Linux: I was wondering whether ESET Endpoint Security logs event messages to syslog, and if it does not do so by default, whether it is possible to configure it to use syslog?

Peter Randziak (ESET Moderators)
Posted October 7, 2021

Hello @QuestionPerson,

yes, it is described at https://help.eset.com/eeau/8/en-US/idh_config_logs.html?zoom_highlightsub=syslog

Syslog facility is a syslog logging parameter used to group similar log messages. For example, logs from daemons (which collect logs via syslog facility daemon) can go to /var/log/daemon.log if configured. With the recent switch to systemd and its journal, syslog facility is less important but still can be used for filtering logs.

Peter

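Added example (not part of the thread and not ESET code): how a syslog receiver derives the facility from a message's `<PRI>` prefix and uses traditional `facility.severity` selectors to group messages into files, as the reply above describes for the daemon facility. The sample lines, program names, rules and the `/var/log/warn.log` destination are constructed for illustration.

```python
import re

# Facility keywords by numeric code (RFC 5424 section 6.2.1; names as in <syslog.h>).
# Codes 12-15 have no keyword in <syslog.h>, so they are shown by number.
FACILITIES = (["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
               "uucp", "cron", "authpriv", "ftp"]
              + [f"facility{n}" for n in range(12, 16)]
              + [f"local{n}" for n in range(8)])
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)

def decode(line):
    """Split '<PRI>message' into (facility, severity, message); PRI = facility*8 + severity."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:  # 191 = 23*8 + 7, the largest valid PRI
        raise ValueError(f"no valid PRI field: {line!r}")
    facility, severity = divmod(int(m.group(1)), 8)
    return FACILITIES[facility], SEVERITIES[severity], m.group(2)

def matches(selector, facility, severity):
    """Classic 'facility.severity' selector: '*' is a wildcard, and a named
    severity matches that level and anything more urgent (lower number)."""
    sel_fac, sel_sev = selector.split(".")
    if sel_fac not in ("*", facility):
        return False
    return sel_sev == "*" or SEVERITIES.index(severity) <= SEVERITIES.index(sel_sev)

def route(lines, rules):
    """Return {destination: [messages]} for every rule whose selector matches."""
    out = {dest: [] for _, dest in rules}
    for line in lines:
        facility, severity, msg = decode(line)
        for selector, dest in rules:
            if matches(selector, facility, severity):
                out[dest].append(msg)
    return out

# Constructed sample lines; program names and message text are made up.
SAMPLE = [
    "<30>Oct  7 10:00:01 host exampled[812]: scan finished",    # daemon.info    (3*8+6)
    "<28>Oct  7 10:00:02 host exampled[812]: detection found",  # daemon.warning (3*8+4)
    "<86>Oct  7 10:00:03 host sshd[990]: session opened",       # authpriv.info  (10*8+6)
    "<131>Oct  7 10:00:04 host app[77]: failed",                # local0.err     (16*8+3)
]
# Constructed rules in the style of traditional syslog selector lines.
RULES = [("daemon.*", "/var/log/daemon.log"), ("*.warning", "/var/log/warn.log")]
```

Calling `route(SAMPLE, RULES)` groups the two daemon-facility lines under `/var/log/daemon.log` regardless of severity, while `*.warning` collects warning-or-worse messages from any facility.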
QuestionPerson
Posted October 7, 2021

Hi Peter,

Thanks for the reply, I'm very happy to hear that this works! Could I trouble you for some details? I found the following in the exported ESET .xml configuration:

    <ITEM NAME="Log">
        <NODE NAME="SyslogFacility" TYPE="number" VALUE="5" />
        <NODE NAME="MinimumLogVerbosity" TYPE="number" VALUE="8" />
    </ITEM>

How would I set/change these values to - for example - see the results of the latest on-demand scan?

Also, how/where would I be able to see the syslog messages? My machine is running rsyslog and it's probably very easy to do, but I never used it before o_O

And, finally: Does the syslog logging depend on having an activated license? (I'm waiting for mine as we speak and want to make sure I'm not looking for something that won't work until ESET is activated.)

Cheers,
Fabian