How to set up forwarding alerts to syslog server from F-Secure Policy Manager?
I have a syslog server, how can I forward alerts from F-Secure Policy Manager Server?
You can set Policy Manager to forward alerts to a third-party syslog server.
Currently, both TCP and UDP transport protocols are supported.
To configure syslog alert forwarding:
- Select Tools > Server configuration from the menu.
- Click Syslog.
- Select Forward alerts to syslog and enter the server address.
- By default, alerts are forwarded to syslog using UDP port number 514. If you want to use a different port, enter the port number after the server address, for example, test.com:8080.
- Select the message format.
- Both Syslog (RFC 3614) and Common Event Format messages are supported.
- Click OK.
- Launch Policy Manager Console
- Select Settings tab
- Switch to Advance View
- Under F-Secure Management Agent, select Settings
- Select Alerting > Alert Forwarding
- Select System logger, syslog checkbox
Article no: 000002577