Highlighted
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
189 views

what are the details required to add an any new server to SIEM ?

what are the details required to add an any new server to SIEM ?

Labels (3)
0 Likes
2 Replies
Highlighted
Absent Member.
Absent Member.

IP Address can be one

0 Likes
Highlighted
Absent Member.
Absent Member.

Here you go.

DeviceVendor, deviceProduct, deviceVersion,deviceHostname, deviceAddress, IS_HA and has virtual IP/host, logs location, perdaylogvolume(EPS/GB),domain,IS_Syslog

LogLcoation:

If file, then location, username/passwd to access the file, share the folder of this file, have the nw connectiviy between connector server and log server

If db, then db name, version, database instance name, table name, port no, local db user with read permission to table (incase of flex or smart).

If API, then username password with proper access

If syslog, then u need to provide the port and connector server IP to be configured. default is 514.

Hope it helps.

Regards,

Amit

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.