Who rated this post

cancel
Showing results for 
Search instead for 
Did you mean: 
Mike_A
Advisor

syslog messages from your gateways/mgmt to a syslog server, or firewall logs to a syslog server? If its the gateway/mgmt to a syslog sever the string is below. 

 

add syslog log-remote-address <target server> level <level>

 

If its traffic logs, then per the SK Val posted you would use a syntax like below specifying syslog as the format. 

cp_log_export add name <name> [domain-server <domain-server>] target-server <target-server IP/host name> target-port <target-port> protocol <(udp|tcp)> format <(syslog)|(cef)|(splunk)|(logrhythm)|(generic)> [optional arguments]

 

For you I would assume the string to look something like this

cp_log_export add name SYSLOG-EXPORT-TO-SIEM target-server 10.10.10.10 target-port 514 protocol udp format syslog

 

View solution in original post

(1)
Who rated this post