CB Protection: How to Setup Syslog Messages
search cancel

CB Protection: How to Setup Syslog Messages


Article ID: 289284


Updated On:


Carbon Black App Control (formerly Cb Protection)


Configure Syslogging with CB Protection


  • CB Protection 7.2.x and Higher


  1. Prepare the Syslog server to log Cb Protection events. See the
    separate Cb Protection Event Integration Guide for more details about preparing the
  2. On the Cb Protection Console menu, click the configuration (gear) icon and choose
    System Configuration, and on the System Configuration page, click on the Events
  3. On the Events tab, click the Edit button at the bottom of the page.
  4. In the External Event Logging panel, check the Syslog Enabled box.
  5. Provide the address (IP address or FQDN) and port number of the Syslog server in
    the Syslog Address and Syslog Port boxes, respectively.
  6. Choose the output format from the Syslog Format menu.
  7. Click Update and choose Yes on the confirmation dialog to save the configuration.

Additional Information

  • Cb Protection supports integration of its event information with Syslog servers using several formats. It's possible to configure Syslog integration on the Events tab of the System Configuration page
  • For additional Syslog formats please refer to the Idea Request below
  • https://community.carbonblack.com/t5/Idea-Central/Additional-Email-Tags-and-Syslog-fields/idi-p/67417#M7430