Exporting data to a Syslog server

Article:HOWTO27571  |  Created: 2010-01-09  |  Updated: 2010-01-20  |  Article URL http://www.symantec.com/docs/HOWTO27571
Article Type
How To



Exporting data to a Syslog server

You can configure Symantec Endpoint Protection to send the log data from some logs to a Syslog server.

Remember to configure your Syslog server to receive the log data.

For more information about the options you can set in this procedure, you can click Help on the General tab of the External Logging for Site dialog box.

Exporting log data

To export log data to a Syslog server

  1. In the console, click Admin.

  2. Click Servers.

  3. Click the local site or remote site that you want to export log data from.

  4. Click Configure External Logging.

  5. On the General tab, select how often you want the log data to be sent to the file.

  6. In the Master Logging Server list box, select the server you want to send logs to.

    If you use Microsoft SQL and have multiple management servers connected to the database, you only need one server to be the Master Logging Server.

  7. Check Enable Transmission of Logs to a Syslog Server.

  8. Configure the following fields as desired:

    • Syslog Server

      Type in the IP address or domain name of the Syslog server that you want to receive the log data.

    • UDP Destination Port

      Type in the destination port that the Syslog server uses to listen for Syslog messages or use the default.

    • Log Facility

      Type in the number of the log facility that you want to be used in the Syslog configuration file or use the default. Valid values range from 0 to 23.

  9. On the Log Filter tab, select all of the logs that you want to send to text files. If a log type that you select lets you select the severity level, check the severity levels that you want to save.

  10. Click OK.

Legacy ID


Article URL http://www.symantec.com/docs/HOWTO27571

Terms of use for this information are found in Legal Notices