Historical Search This section is used to analyze logs coming from each data source. You can see them in: LM > Analysis > Historical Search. Logs are stored in a database, when you need to search logs and you can use operator like “AND”, “OR” and “NOT” to filter the search results. You can choose […]
Syslog Configuration on Apex Configure Syslog Settings For Apex Central On-premise Configure Syslog Settings Apex SaaS Configure Syslog Settings For Apex Central On-premise In order to send logs to SGBox you need to modify first you syslog settings: Go to Detections > Notifications > Notification Method Settings. The Notification Method Settings screen will appear. In […]
Syslog configuration on Sangfor Cyber Command Endpoint Secure Cyber Command In order configure Cyber Command to send logs to SGBox you need to: Login to your Cyber Command console.Go to System > Third-Party Platforms section, click on “add” and complete the fields. Choose Platform name (eg. SGBox) Enter SGBox IP address Enter Reported asset (suggested […]
6.0.6 A new version of SGBox that improve features and performance has been released Various fixes SGBOX > SCM > Applications > SGBox Updates
Syslog configuration on ESET Following the steps to send logs from ESET (on-premise and Cloud) console to SGBox. Syslog server Configuration On Premise Syslog server Configuration On Cloud Syslog server Configuration On Premise If you have a Syslog server running in your network, you can Export logs to Syslog to receive certain events (Detection Event, […]
Syslog configuration on Cortex XDR Select Settings → Configurations → Integrations → External Applications. In Syslog Servers, click + New Server. Define the following parameters: Name: for the server profile Destination: IP address or fully qualified domain name (FQDN) of SGBox. port: number on which to send syslog messages. facility: Select one of the syslog standard values. […]
User Asset Checking The purpose of this feature is to limit the visibility of a user on a set of hosts present on SGBox, showing only those that are part of an asset to which his user is assigned. Therefore at the time we need to show a user of SGBox only certain hosts, we […]
Syslog configuration on WLC ( GUI ) Go to Management > Logs > Config. The Syslog Configuration (GUI) age appears: Enter the Syslog Server IP Address and click Add. You can add up to three syslog servers to the controller. The list of syslog servers that have already been added to the controller appears under […]
Syslog configuration on QNAP Here the steps to send logs to SGBox. Log in to QuLog Center. Go to QuLog Service > Log Sender > Send to Syslog Server. Enable Send logs to remote syslog server. Click on Add destinatinatio IP address Enter SGBox IP on Destination IP Enter 514 as Port Select UDP as Transfer protocol Destination […]
Syslog configuration on Ubiquiti These instructions assume: The date, time and time zone are correctly set on the device. You have administration access to the UniFi controller web interface. Configure syslog: Log in to the UniFi Controller’s web interface. Click Settings (the gear icon) in the bottom left corner. Under the Site heading, navigate to […]