Sophos Enterprise Console and Syslog (and/or SIEM) server

Hello all,

I have a question about SEC, logs and syslog. I would like to send every log by syslog to a syslog server and/or SIEM. I've seen this:
/search?q= 8285

I would like to ask you some questions:
1 - Do I understand correctly? Could both of these modules (actually, almost Sophos Reporting Log Writer, but it needs Sophos Reporting Interface if I understand) send logs to a syslog server/SIEM?

2 - If yes, is this the only solution, or are there other applications which could do that? If no, how could I send every SEC log by syslog?

3 - (the last :) ) Where are the SEC logs? Are the SEC application logs in the Windows Event Viewer, and the logs about viruses, clients, RMS etc. in the database? Or could I find them in text files?

I hope I was clear.

Thank you in advance

Wagab


This thread was automatically locked due to age.
  • Thanks a lot Jak for your answers.

    If I understand, with only SRI, I will send SEC logs to my SIEM and/or syslog server? However, when I read the description, I understand the contrary, that is to say, we need SLW in order to send logs to a syslog server.

    I have another question: here: /search?q= 26459, you speak about a script. Is it really easy to script that? And does it work well?

    In any case, thank you for your past and future answers.

    Wagab
