Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.
Cadet 1st Class Cadet 1st Class
Cadet 1st Class
459 views

In logger applicance, how to configure audit forwarding to forward to another logger or ext syslog

Jump to solution

In a logger applicance (6.4 in this case), I would like to configure it to forward its audits to another logger or to a external syslog.  All that I seem to be able to do is to configure it a ESM destination but that is not quite what is wanted (the goal is to keep the audits in an area not accessible to arcsight administrators - including me).  Any clues how to achieve this?

Labels (2)
0 Likes
1 Solution

Accepted Solutions
Vice Admiral Vice Admiral
Vice Admiral

You could create a UDP forwarder with a unified query along the lines of "deviceProduct=Logger" and specify a syslog destination.

View solution in original post

0 Likes
2 Replies
Vice Admiral Vice Admiral
Vice Admiral

You could create a UDP forwarder with a unified query along the lines of "deviceProduct=Logger" and specify a syslog destination.

View solution in original post

0 Likes
Cadet 1st Class Cadet 1st Class
Cadet 1st Class
Thanks for the help.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.