Syslog Servers

To collect log events on an external server, you need to set up a Syslog server. If you do not want to set up a Syslog server, the event logs can only be saved on the OT Security EM platform.

To set up a Syslog server:

1. Go to Local Settings > Servers > Syslog Servers.

2. Click + Add Syslog Server.

   The Syslog Servers configuration window appears.

   

3. In the Server Name box, type the name of a Syslog server for logging system events.

4. In the Hostname/IP box, type a hostname or an IP address of the Syslog server.

5. In the Port box, type the port number on the Syslog server that receives the events. (Default: 514)

6. In the Transport drop-down box, select the transport protocol you want to use. Options are TCP or UDP.

7. To send a test message to verify that the configuration is successful, click Send Test Message.

   Verify if the message arrived. If the message did not arrive, then troubleshoot to discover the cause of the problem and rectify it.

8. Click Save.

   You can set up additional Syslog servers by repeating this procedure.