6.0.6 A new version of SGBox that improve features and performance has been released Various fixes SGBOX > SCM > Applications > SGBox Updates
Syslog configuration on ESET Following the steps to send logs from ESET (on-premise and Cloud) console to SGBox. Syslog server Configuration On Premise Syslog server Configuration On Cloud Syslog server Configuration On Premise If you have a Syslog server running in your network, you can Export logs to Syslog to receive certain events (Detection Event, […]
Syslog configuration on Cortex XDR Select Settings → Configurations → Integrations → External Applications. In Syslog Servers, click + New Server. Define the following parameters: Name: for the server profile Destination: IP address or fully qualified domain name (FQDN) of SGBox. port: number on which to send syslog messages. facility: Select one of the syslog standard values. […]
User Asset Checking The purpose of this feature is to limit the visibility of a user on a set of hosts present on SGBox, showing only those that are part of an asset to which his user is assigned. Therefore at the time we need to show a user of SGBox only certain hosts, we […]
Syslog configuration on WLC ( GUI ) Go to Management > Logs > Config. The Syslog Configuration (GUI) age appears: Enter the Syslog Server IP Address and click Add. You can add up to three syslog servers to the controller. The list of syslog servers that have already been added to the controller appears under […]
Syslog configuration on Ubiquiti These instructions assume: The date, time and time zone are correctly set on the device. You have administration access to the UniFi controller web interface. Configure syslog: Log in to the UniFi Controller’s web interface. Click Settings (the gear icon) in the bottom left corner. Under the Site heading, navigate to […]
Configure Sentinel to send logs to SGBox Open the SentinelOne Admin Console. Configure SentinelOne to send logs to your Syslog server. Select your site. In the left side menu, click the slider icon [⊶] to open the Settings menu. Open the INTEGRATIONS tab, and fill in the details: ( 3.1 ): Under Types, select SYSLOG […]
ForcePoint To send logs to SGBox: Toggle the Enable SIEM logging switch to ON. Enter the IP address or hostname and communication Port for your SGbox server. Select a Transport protocol (TCP or UDP). Configure which logs to send by selecting one or more Threat levels. By default, malicious and suspicious incident logs are […]
6.0.5 A new version of SGBox that improve features and performance has been released. Various fixes SGBOX > SCM > Applications > SGBox Updates
6.0.4 A new version of SGBox that improve features and performance has been released. Added geolocation for IPv6 addresses Updated geolocation DB to latest version Windows agent – Tailfile/Tailfolder command now supports multiline logs Windows agent – Tailfile/Tailfolder command now supports logs with incomplete timestamps (e.g. hours-minutes-seconds only) Various fixes SGBOX > SCM > Applications […]