SonicOS 8 TZ Series Getting Started Guide

Syslog Setup

A syslog server is a centralized system for logging. It lets you collect error and system logs in one location, and decode and coordinate system events across multiple systems during forensic investigations. The logs are aggregated on a syslog collector and can then be fed into a SIEM/XDR platform for a SOC to monitor.

To configure syslog:

  1. Navigate to Device | Log | Syslog > Syslog Servers.
  2. Click +Add.
  3. Select the Name or IP Address of the Syslog server from the drop-down list.
  4. Update fields as needed and click Add.