Exporting data to a Syslog server
You can configure Symantec Endpoint Protection to send the log data from some logs to a Syslog server.
Remember to configure your Syslog server to receive the log data.
For more information about the options you can set in this procedure, you can click Help on the General tab of the External Logging for Site dialog box.
Exporting log data
To export log data to a Syslog server
In the console, click Admin.
Click the local site or remote site that you want to export log data from.
Click Configure External Logging.
On the General tab, select how often you want the log data to be sent to the file.
In the Master Logging Server list box, select the server you want to send logs to.
If you use Microsoft SQL and have multiple management servers connected to the database, you only need one server to be the Master Logging Server.
Check Enable Transmission of Logs to a Syslog Server.
Configure the following fields as desired:
Type in the IP address or domain name of the Syslog server that you want to receive the log data.
UDP Destination Port
Type in the destination port that the Syslog server uses to listen for Syslog messages or use the default.
Type in the number of the log facility that you want to be used in the Syslog configuration file or use the default. Valid values range from 0 to 23.
On the Log Filter tab, select all of the logs that you want to send to text files. If a log type that you select lets you select the severity level, check the severity levels that you want to save.