This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Mike_A
Advisor
‎2021-04-29 06:38 AM
In response to Prime

syslog messages from your gateways/mgmt to a syslog server, or firewall logs to a syslog server? If its the gateway/mgmt to a syslog sever the string is below. 

 

add syslog log-remote-address <target server> level <level>

 

If its traffic logs, then per the SK Val posted you would use a syntax like below specifying syslog as the format. 

cp_log_export add name <name> [domain-server <domain-server>] target-server <target-server IP/host name> target-port <target-port> protocol <(udp|tcp)> format <(syslog)|(cef)|(splunk)|(logrhythm)|(generic)> [optional arguments]

 

For you I would assume the string to look something like this

cp_log_export add name SYSLOG-EXPORT-TO-SIEM target-server 10.10.10.10 target-port 514 protocol udp format syslog

 

View solution in original post

(1)
Who rated this post