Proteggiamo il tuo ambiente digitale da qualsiasi attacco informatico. Sfrutta tutte le potenzialità della piattaforma SGBox!

Gallery

Contatti

Via Melchiorre Gioia, 168 - 20125 Milano

info@sgbox.it

+39 02 60830172

Search another article?

Syslog Configuration on Kaspersky

You are here:
< Back

Syslog configuration on Kaspersky

This article explain how to configure Kaspersky to send log to SGBox using CEF protocol.

Requirements

Log in to your Kaspersky Security Center console, from Administration Server select Events.
Syslog Configuration on Kaspersky

Select Configure notification and event export and select the Siem configuration type
Syslog Configuration on Kaspersky

On Export Events selecti the CEF format (ArcSight CEF format), and put the SGBox IP, protocol and port.
Syslog Configuration on Kaspersky

Choose the type of endpoint events that will be sent to the Siem from: Administration Server > Managed devices > Policies.
Select the policy then Properties > Event configuration
Syslog Configuration on Kaspersky

You can also choose the Server events that will be forwarded to the Siem from: Administration Server > Server Properties > Event configuration
Syslog Configuration on Kaspersky