How to send syslog events to aanval server

Follow
Bert Colemont

How to send syslog events to aanval server?

I see that the machine is not listening to port  514, so do I need to install a syslog server on it and grab it over there?

0

Comments

1 comment

Date Votes
  • * Aaron [TF]

    Bert,

    In Aanval 9, we recommend using a native syslog engine like rsyslog to ingest your syslog data and have them written to a structured directory, etc.

    Then within Aanval, head on over to your syslog sensor configuration and create a new syslog sensor, pointing to one of those files. One log file is considered a single sensor.

    0
    Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post