Integrate ESET logs in a SIEM deployment (OSSIM)


Good afternoon,

 

Recently I started the deployment and configuration of a SIEM solution at work. I started with an open source solution called OSSIM. They do have plugins for several antivirus solutions but not for ESET, so I decided to create a plugin myself.

 

In my company they use the version ESET Endpoint Antivirus. There is a Log tool that allows the user to see the different events that are happening. I would need to connect that with OSSIM somehow.

Does someone know where those logs are stored? Are they plain text somewhere? Any info is welcome... :)

 

Thanks a lot in advance.

Jose


  • Administrators

Endpoint products for the business segment have an option to log to plain text files. You can enable this in the advanced setup -> Tools -> Log files.


Thanks a lot Marcos for the quick reply.

Unfortunately my boss is putting a lot of pressure on me to integrate the present antivirus solution in the SIEM solution... Do you know if there is any way to upgrade our license to the business solution with a low investment? He is suggesting that I move to another solution...

 

Thanks once more.

Jose


  • Administrators

How many licenses did you purchase? With 5 or more, you should be able to download and use Endpoint products.
