Search Results

Configure Syslog Monitoring STEP 1 - Configure a Syslog server profile.  Select Device-->Server-->Profiles-->Syslog.  Click Add and enter a Name for the profile.  If the firewall has more than one virtual system (vsys), select...

Method 1: Using GUI Configure log forwarding Sign in to the Meraki Dashboard with administrator permissions. If your account is a member of multiple organizations, select the organization that you want to configure in the Organization list. In the Ne...

Configure the Vault to Forward syslog Messages to PTA The system logger of the Vault must be configured to send logging data to the PTA machine for real-time data analysis.   When PTA is configured with Vaults deployed in a distributed environment, ...

How to Configure Windows Event Forwarding for User Awareness Cato Networks’ User Awareness feature usually imports the audit log events directly from the Domain Controller (DC). These log events are shown in the Event Discovery window in the C...

How to Send Logs to a Remote Syslog Server Summary: This article briefly describes how to configure a Nutanix cluster to send logs to an rsyslog server. Description: This article briefly describes configuring a Nutanix cluster to send logs to an rsyslog se...

Log Forwarder EventLog Analyzer's Syslog Forwarder transmits logs from various sources to a destination server. Logs from syslog devices are forwarded as raw logs, whereas logs from other sources are converted to specific formats such as JSON, RFC 5424, RFC 5...

Method 1: Network logs forwarding The Network logs forwarding page ("Settings" > "System Settings" > "Network logs forwarding") allows users to enable and configure the forwarding of Network Logs to a third-party solution by means of syslog messages. The pa...

Authentication  The Secure Endpoint API requires access via an authenticated and authorized account. Only authorized accounts are able to submit requests to API operations. All operations must communicate over a secure HTTPS connection.  To authenticate and ...

Overview This integration with Microsoft Office 365 supports the ingestion of user, administrator, system, and policy-related events. It leverages the Office 365 Management Activity API to retrieve activity logs from both Office 365 and Azure Active Directory...

Step 1: Create an Event Hub for Microsoft Entra ID Logs Go to Azure Portal > Event Hubs > Create Namespace Select Resource Group or create a new one. Choose a Region and a Pricing Tier (Standard or Premium). Click Review + Create → Create. Cre...

 Here are the necessary steps to resolve the issue. Step 1: Go to your Azure Portal and log in >go to Storage Account  dedicated for Elastic Integration. Step 2: Maneuver to Data Storage > Containers. Step 3: Check all the Blob Storage dedicated for every...

Get started with CSPM for AWS Overview This page explains how to get started monitoring the security posture of your cloud assets using the Cloud Security Posture Management (CSPM) feature. Requirements Minimum privileges vary depending o...

To fully integrate the Cato Networks API with the Elastic Stack (ELK Stack), you can follow this comprehensive process. This guide will cover the necessary steps to collect, transform, and visualize data from Cato Networks using the Elastic Stack. Step 1: Und...

Please follow the steps below to manually add a Log Collector using Windows Environment. Step 1: Log in to your CISO Workplace and click the rectangular dots. Step 2: Click "Cyber Monitoring". Step 3: Go to "Cyber Incident Management (SIEM and XDR)". S...

Please follow these instructions: Step 1: Log in to your Fortinet FortiGate Admin portal and navigate to CLI console. Please refer to the images below.   Step 2: In your CLI Console execute these commands. To configure FortiGate to send log...

The Application Insights Integration allows users to collect metrics from Azure Application Insights. Key Configuration Options: Application ID: The ID of the application from the API Access settings in the Azure portal. API Key: A generated key for authe...

Overview This page explains how to get started monitoring the security posture of your cloud assets using the Cloud Security Posture Management (CSPM) feature. Set up cloud account access The CSPM integration requires access to AWS’s built-in Security...

Requirements   To integrate with Google Cloud Platform (GCP), you need to set up the following: Service Account with a Role.  Service Account Key to access data on your GCP project.  Service Accounts   A Service Account (SA) is a special t...

Endpoint Detection and Response (EDR) Endpoint Detection and Response (EDR), is a cybersecurity technology that focuses on detecting, investigating, and responding to suspicious activities and threats on endpoints, such as workstations, laptops, and servers. ...

Overview The Application Insights Integration allows users to retrieve application insights metrics from specified applications. Integration level configuration options Application ID: ID of the application. This is Application ID from the API Access sett...