
Trigger event to Syslog



Hi,

Is it possible to send the Trigger Event of the Detection to Syslog?

For example in rules catching SSH communication, the address would appear in the "Event" tab on Inspect console.

My ESET Inspect server is on the latest version.


  • 2 weeks later...
  • ESET Staff

Unfortunately we don't send Trigger Event through syslog. These events can be quite large (for example if the triggering event is a Script event). The supported way of doing this is to fetch additional data through REST API after you receive the syslog message. I believe the "event" field is present in the latest version in

GET /api/v1/detections/{id}

even though it is missing in the documentation.

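The workflow described in the reply above, as an added example that is not from the original thread or from ESET: parse the syslog message, validate the detection id, then call GET /api/v1/detections/{id} and read the "event" field. The syslog payload layout, the `detection_id` key, the host name, the top-level position of "event" in the response and the caller-supplied authentication headers are all assumptions.

```python
import json
import re
import urllib.request

# Assumption: ids are numeric or UUID-like. Anything else is rejected so a
# crafted syslog field cannot change the request path.
_ID_RE = re.compile(r"[0-9A-Fa-f-]{1,36}")


def detection_id_from_syslog(line, id_key="detection_id"):
    """Pull the id from a syslog line whose message part is JSON.
    id_key is a hypothetical field name; use the one your export carries."""
    start = line.find("{")
    if start < 0:
        return None
    try:
        payload = json.loads(line[start:])
    except json.JSONDecodeError:
        return None
    value = str(payload.get(id_key, ""))
    return value if _ID_RE.fullmatch(value) else None


def http_get_json(url, headers):
    """Default fetcher; urllib verifies certificates for https URLs."""
    req = urllib.request.Request(url, headers=headers, method="GET")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def fetch_trigger_event(base_url, det_id, headers, get_json=http_get_json):
    """GET /api/v1/detections/{id}; return its "event" field or None.
    Assumption: "event" is a top-level key of the JSON response."""
    url = f"{base_url.rstrip('/')}/api/v1/detections/{det_id}"
    body = get_json(url, headers)
    return body.get("event") if isinstance(body, dict) else None


def enrich(line, base_url, headers, get_json=http_get_json):
    """Return (detection_id, trigger_event) for one syslog line."""
    det_id = detection_id_from_syslog(line)
    if det_id is None:
        return None, None
    return det_id, fetch_trigger_event(base_url, det_id, headers, get_json)


# Constructed sample line, not real ESET Inspect output.
SAMPLE = '<14>Jan  1 00:00:00 inspect-srv ei: {"detection_id": 4711, "rule": "SSH"}'
```

Because the reply only says the "event" field is believed to be present, `fetch_trigger_event` returns `None` rather than raising when the response lacks it.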
