Sep11 External Logging
We use an external logging appliance to correlate logs across our many security devices. I am having trouble mapping and understanding which logs are available at the client level, the server reporting level and the external logging level. Specifically I am interested in the IDS logs that are located at the server reporting level and labeled "Network Threat Protection" but I would like them to be sent to my external logging solution but I am not seeing them. PLEASE provide an understanding of this!
At the client level I have:
System Log (A/V and Anti-Spyware)
System Log (Proactive Threat Protection)
At the server reporting level I have:
At the external logging level I have: