cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

Is CP-Logexporter able to export events?

Hi, I got a question this question from our SIEM team, is it possible to export correlated events with CP-Log Exporter?

 

Regards, Maarten
0 Kudos
6 Replies
Employee+
Employee+

Re: Is CP-Logexporter able to export events?

Yea.

Simply configure the log-exporter on the SmartEvent or SME CU (if dedicated) server, as the raw correlated logs are generated & stored there.

0 Kudos

Re: Is CP-Logexporter able to export events?

In a Multi Domain environment, I would need to filter this on a specific domain then, is that also a possibility? I'm sorry but I did not yet need this, so did not really look into it so far.
Regards, Maarten
0 Kudos
Employee+
Employee+

Re: Is CP-Logexporter able to export events?

Filtering the correlated events on the SME for a specific domain's correlated logs, you mean?

that may be done using the new filtering feature, but I'm not absolutely sure. perhaps someone else knows, is that what you need?

or did you mean a general domain exporting of logs?

Exporting a specific domain's regular logs on a CMA/CLM is easily done by configuring the log-exporter on a specific domain on an MDS/MLM (domain-server <name>).

 

0 Kudos

Re: Is CP-Logexporter able to export events?

Yep that is what I mean.
Nope, I already use that for other customers.
Regards, Maarten
0 Kudos
Employee+
Employee+

Re: Is CP-Logexporter able to export events?

Assuming you have the latest R80.10 log-exporter that includes the filtering ability.

You should be able to filter by a specific GW, using the origin field on the correlated log (which correlates to a specific domain).

 

 

0 Kudos

Re: Is CP-Logexporter able to export events?

Ok thanks we'll give it a try.
Regards, Maarten
0 Kudos