Search another article?
Syslog configuration on Sangfor
Cyber Command
Endpoint Secure
Cyber Command
In order configure Cyber Command to send logs to SGBox you need to:
Login to your Cyber Command console.
Go to System > Third-Party Platforms section, click on “add” and complete the fields.
- Choose Platform name (eg. SGBox)
- Enter SGBox IP address
- Enter Reported asset (suggested All)
- Select Syslog as protocol
- Enable Security Incident and Security Alert in CEF Format
- Enter 514 as port
scroll down, put the flag Security alert and set port number : 514, finally click OK.
Endpoint Secure
In order configure Endpoint Secure to send logs to SGBox you need to:
Login to your Endpoint Secure console.
Go to the section Data sync > syslog reporting, put the flag on Enable syslog sync.
- Set the protocol as UDP (or TCP if needed)
- Enter SGBox ip and 514 as port
- Select the different log type you want to send to SGBox
- Select Unicode as Encoding format and Sync Mode.
