ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Using a remote syslog server with Encryption Management Server
Article ID: 223923
Encryption Management Server
Gateway Email Encryption
Encryption Management Server can be configured to send all its logs to an external syslog server such as Splunk.
Symantec Encryption Management Server 10.5 and above.
To configure an external syslog server, please do the following:
- From the administration console, navigate to Reporting / Logs.
- From the bottom of the page, click on the Settings button.
- Enable the checkbox Enable External Syslog.
- Select the protocol, TCP or UDP from the Protocol list.
- Enter the FQDN or IP address of the syslog server in the Hostname field.
- Enter the port, default 514, in the Port field.
- Click the Save button.
To test, log off the administration console and back on again. This action generates an entry in the Administration log which should be received by the remote server. For example:
Administrator admin from 10.1.2.3 logged in