Using a remote syslog server with Encryption Management Server

book

Article ID: 223923

calendar_today

Updated On:

Products

Encryption Management Server Gateway Email Encryption

Issue/Introduction

Encryption Management Server can be configured to send all its logs to an external syslog server such as Splunk.

Environment

Symantec Encryption Management Server 10.5 and above.

Resolution

To configure an external syslog server, please do the following:

  1. From the administration console, navigate to Reporting / Logs.
  2. From the bottom of the page, click on the Settings button.
  3. Enable the checkbox Enable External Syslog.
  4. Select the protocol, TCP or UDP from the Protocol list.
  5. Enter the FQDN or IP address of the syslog server in the Hostname field.
  6. Enter the port, default 514, in the Port field.
  7. Click the Save button.

To test, log off the administration console and back on again. This action generates an entry in the Administration log which should be received by the remote server. For example:

Administrator admin from 10.1.2.3 logged in

Attachments