This topic provides instructions on how to configure a Syslog notification server. When enabled, Syslog provides auditing through the use of the RFC 5424 Syslog protocol. Syslog has proven to be an effective format to consolidate logs, as there are many open source and proprietary tools for reporting and analysis.
Make sure that you have the Syslog settings that you would like to use as notification server.
To configure Syslog as a notification server:
- In the Security Analytics menu, select Administration > System.
- In the options panel, select Global Notifications.
- Click the Servers tab.
- From the drop-down menu, select Syslog.
- In the Define Syslog Notification Server dialog, provide the required information and click Save.
For details of the parameters and descriptions, see Define Notification Server Dialogs.