ForcePoint – SGBox Next Generation SIEM & SOAR https://www.sgbox.eu Next Generation SIEM & SOAR Fri, 07 Feb 2025 09:44:41 +0000 en-US hourly 1 https://wordpress.org/?v=6.8 https://www.sgbox.eu/wp-content/uploads/2025/02/cropped-SGBox-symbol-png-32x32.webp ForcePoint – SGBox Next Generation SIEM & SOAR https://www.sgbox.eu 32 32 Syslog configuration on ForcePoint https://www.sgbox.eu/en/knowledge-base/syslog-configuration-on-forcepoint/ Fri, 07 Feb 2025 09:21:07 +0000 https://www.sgbox.eu/?post_type=epkb_post_type_1&p=29415 ForcePoint

To send logs to SGBox:

Toggle the Enable SIEM logging switch to ON.

Syslog configuration on ForcePoint
  

  1. Enter the IP address or hostname and communication Port for your SGbox server.
  2. Select a Transport protocol (TCP or UDP).
  3. Configure which logs to send by selecting one or more Threat levels. By default, malicious and suspicious incident logs are forwarded.
  4. Select an SIEM format to use (the default is syslog/CEF).

  5. Click Apply to save your changes.

For further information visit this link: https://www.websense.com/content/support/library/riskvision/v21/system_mgmt/system_logging.aspx 

]]>