Jump to content

ESET Endpoint Security interface to syslog


Recommended Posts

On Linux: I was wondering whether ESET Endpoint Security logs event messages to syslog, and if it does not do so by default, whether it is possible to configure it to use syslog?

Link to comment
Share on other sites

  • ESET Moderators

Hello @QuestionPerson,

yes, it is described at https://help.eset.com/eeau/8/en-US/idh_config_logs.html?zoom_highlightsub=syslog

Syslog facility is a syslog logging parameter used to group similar log messages. For example, logs from daemons (which collect logs via syslog facility daemon) can go to /var/log/daemon.log if configured. With the recent switch to systemd and its journal, syslog facility is less important but still can be used for filtering logs.

Peter

Link to comment
Share on other sites

Hi Peter,

Thanks for the reply, I'm very happy to hear that this works!

Could I trouble you for some details? I found the following in the exporter ESET .xml configuration:

    <ITEM NAME="Log">
     <NODE NAME="SyslogFacility" TYPE="number" VALUE="5" />
     <NODE NAME="MinimumLogVerbosity" TYPE="number" VALUE="8" />
    </ITEM>

How would I set/change these values to - for example - see the results of the latest on-demand scan?

Also, how/where would I be able to see the syslog messages? My machine is running rsyslog and it's probably very easy to do, but I never used it before o_O

And, finally: Does the syslog logging depend on having an activated license? (I'm waiting for mine as we speak and want to make sure I'm not looking for something that won't work until ESET is activated.)

Cheers,

Fabian

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...