jacortijo - Posted May 6, 2015

Good afternoon, recently I started the deployment and configuration of a SIEM solution at work. I started with an open source solution called OSSIM. They do have plugins for several antivirus solutions but not for ESET, so I decided to create a plugin myself. In my company they use the version ESET Endpoint Antivirus. There is a Log tool that allows the user to see the different events that are happening. I would need to connect that with OSSIM somehow. Does someone know where those logs are stored? Are they plain text somewhere? Any info is welcome... Thanks a lot in advance. Jose

Marcos (Administrators) - Posted May 7, 2015

Endpoint products for the business segment have an option to log to plain text files. You can enable this in the advanced setup -> Tools -> Log files.

jacortijo (Author) - Posted May 7, 2015

Thanks a lot Marcos for the quick reply. Unfortunately my boss is putting a lot of pressure on me to integrate the present antivirus solution into the SIEM solution... Do you know if there is any way to upgrade our license to the business solution with a low investment? He is suggesting that I move to another solution... Thanks once more. Jose

Marcos (Administrators) - Posted May 7, 2015

How many licenses did you purchase? With 5 or more, you should be able to download and use Endpoint products.