How To Setup Logging Events to a Syslog Server
search cancel

How To Setup Logging Events to a Syslog Server

book

Article ID: 286708

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Setup forwarding of events and logs to an external application.

Environment

  • App Control Console: All Supported Versions

Resolution

  1. Prepare the syslog application to ingest App Control events. NOTE: Additional Instructions can be found here.
  2. Login to the App Control Console and navigate to: System Configuration > Events > Edit.
  3. In the section, "External Event Logging" check the box, "Syslog Enabled".
  4. Enter the relevant details for the syslog application (Syslog Address, Port, Format, etc).
  5. Click Update > review the changes > click Yes to apply the changes.

Additional Information

Check the Supported Integrations Documentation to determine if the application is supported.

Currently it is not possible to filter the Events sent from App Control. Filtering should be done in the application ingesting the Events.

Additional external event logging instructions can be found here.

Powered by Wolken Software