How to setup the Generic Syslog Event Collector

Article:TECH90814  |  Created: 2008-01-11  |  Updated: 2010-01-02  |  Article URL http://www.symantec.com/docs/TECH90814
Article Type
Technical Solution


Issue



How to setup the Generic Syslog Event Collector.


Solution



The Generic Syslog Event collector is intended as a catchall collector for syslog events that may not be addressed by a specific product collector. It is also used as a troubleshooting tool for the Syslog Director.

To configure the Generic Syslog Event Collector, follow these steps:
  1. Log into the SSIM Client console.
  2. In the left pane, click System.
  3. In the right pane, click Product Configuration.
  4. Right-click the Generic Syslog Event Collector.
  5. Click New.
    The Create a new Configuration Wizard will appear.
  6. Click Next.
    Give the configuration a Name, then click Next.
  7. Click Add.
    The Find Computers window will appear.
  8. Select the SSIM appliance then click Add.
  9. Click Next, then Finish.

Now that the configuration is created, verify the sensor settings.
  1. Click on the new configuration you just created.
  2. Click the SysLog Sensor tab.
  3. Check the box next to Sensor 0 to activate the sensor.
  4. Leave the port number at 10518.
  5. Click Save.
  6. Right click the configuration and click Distribute.
  7. Click Yes to confirm.

For more information see this document.





Legacy ID



2008111115140354


Article URL http://www.symantec.com/docs/TECH90814


Terms of use for this information are found in Legal Notices