This article explains the steps to configure syslog on Varonis.
Prerequisites
- Administrator login credentials.
Configuring Varonis syslogs
Configuring Syslog message forwarding
1. Log in to your Varonis UI using admin credentials.
2. In DatAdvantage, select Tools > DatAlert > Select DatAlert.
3. Select Configuration.
4. In Syslog Message Forwarding, set the following:
- Syslog Message IP Address: Forwarder IP Address
- Port: 11656
- Facility name: Choose a different facility.
5. Click Apply.
Configuring Syslog format
1. Click Alert Templates.
2. Click the green plus sign to add a new alert template.
- Enter a Template name.
- Select Syslog message in Apply to alert methods.
3. Click OK.
Configuring alerts for single or multiple rules
To select the syslog alert method for a single rule:
1. In the same window, click Rules. The Rules table appears.
2. Select the rule and then click Edit Rule. The rule editing menu appears.
For multiple rules, select all of the rules at the same time.
3. From the left menu, select Alerts Method. The “Alert Method” window appears.
4. Select the Syslog message.
5. Click OK.
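
To confirm that alerts actually reach the forwarder on port 11656 with the facility chosen in step 4, the following added example (not part of the original article or of Varonis tooling) listens on that port and decodes the syslog priority header of each message. It assumes UDP transport, that nothing else is bound to the port while it runs, and a hypothetical expected facility of `local3`; the sample message is constructed.

```python
import re
import socket

# Standard syslog facility codes 0-23 and severity codes 0-7.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock"]
FACILITIES += [f"local{i}" for i in range(8)]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

PRI_RE = re.compile(rb"^<(\d{1,3})>")

# Constructed sample, not real Varonis output: PRI 158 = local3 (19) * 8 + info (6).
SAMPLE = b"<158>Jan  1 00:00:00 varonis-host constructed test alert"

def decode_pri(datagram):
    """Return (facility, severity) from the <PRI> header, or None if invalid."""
    match = PRI_RE.match(datagram)
    if not match:
        return None
    pri = int(match.group(1))
    if pri > 191:  # highest valid value: facility 23, severity 7
        return None
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7]

def check(datagram, expected_facility):
    """Compare a received message against the facility configured in step 4."""
    decoded = decode_pri(datagram)
    if decoded is None:
        return "no valid PRI header"
    facility, severity = decoded
    if facility != expected_facility:
        return f"facility mismatch: got {facility}, expected {expected_facility}"
    return f"ok: {facility}.{severity}"

def listen(port=11656, expected_facility="local3", count=5):
    """Print a verdict for the next `count` datagrams (UDP is an assumption)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("0.0.0.0", port))
        for _ in range(count):
            data, (source_ip, _) = sock.recvfrom(8192)
            print(source_ip, check(data, expected_facility))

if __name__ == "__main__":
    print("self-test:", check(SAMPLE, "local3"))
    listen()
```

Run it on the forwarder host, then trigger a rule that uses the Syslog message alert method; a facility mismatch or missing header points back to the Syslog Message Forwarding settings.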