Hi all,
We are looking to send syslogs from our system to our SIEM. I found this: 000028950 - B-1288 - Setting up and using a syslog server with the Appliance, but when trying to complete:
Restart the syslog and iptables
service iptables restart
service syslogd restart
I get a message saying the directory was not found. Does anyone have updated directions to send logs to a SIEM? We are currently on 7.0p2.
Thanks
Just found this thread: RSA VIA Integration with SIEM Tools. We use Netwitness, so we can set this up easily.