External Logging » History » Version 1
Luke Murphey, 04/03/2010 01:03 PM
Logging to a SIEM or Log Management System
NSIA can forward its logs to a SIEM (Security Information and Event Management) system such as ArcSight, or to a log management system such as Splunk. NSIA sends logs via the syslog protocol and can therefore submit them to nearly any device that accepts syslog messages.

To set up logging, open the configuration page by clicking "Modify Configuration" on the main dashboard of the web interface. Look for the section titled "Logging Subsystem." The logging system has the following options:
| Option | Description |
|---|---|
| Log Format | Defines how the log messages are constructed (see below for details) |
| Syslog Server Address | The address to send the messages to |
| Syslog Log Port | The port to send the messages to |
| Logging Enabled | Enables or disables external logging |
| Transport Protocol | Determines if TCP or UDP is used |
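
With UDP the sender gets no confirmation of delivery, so a wrong address, port or transport setting fails silently; a throwaway listener on the collector host confirms that messages actually arrive. The script below is an added example, not part of NSIA. Its function names, the sample line and the newline-terminated TCP framing are assumptions, since this page does not describe NSIA's message format.

```python
"""Throwaway syslog listener for checking NSIA's external-logging settings."""
import re
import socket
import sys

# Constructed sample line (not NSIA's actual log format): PRI 134 = local0.info.
SAMPLE = b"<134>constructed test message"

def parse_pri(msg):
    """Return (facility, severity) from a leading <PRI> field, else None."""
    m = re.match(rb"<(\d{1,3})>", msg)
    if not m or int(m.group(1)) > 191:
        return None
    pri = int(m.group(1))
    return pri >> 3, pri & 7

def open_listener(transport, host="127.0.0.1", port=0):
    """Bind a TCP or UDP socket; port 0 lets the OS pick a free port."""
    kind = socket.SOCK_STREAM if transport == "tcp" else socket.SOCK_DGRAM
    sock = socket.socket(socket.AF_INET, kind)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind((host, port))
    if transport == "tcp":
        sock.listen(1)
    return sock

def read_message(sock, transport, timeout=5.0):
    """Return one message; raises socket.timeout if nothing arrives in time."""
    sock.settimeout(timeout)
    if transport == "udp":
        data, _ = sock.recvfrom(65535)
        return data.rstrip(b"\r\n")
    conn, _ = sock.accept()
    with conn:
        conn.settimeout(timeout)
        buf = b""
        # Assumption: TCP messages are newline-terminated.
        while b"\n" not in buf:
            chunk = conn.recv(4096)
            if not chunk:
                break
            buf += chunk
    return buf.split(b"\n", 1)[0].rstrip(b"\r")

if __name__ == "__main__":
    # Usage: python listener.py <tcp|udp> <port>, matching the NSIA settings.
    transport, port = sys.argv[1], int(sys.argv[2])
    listener = open_listener(transport, "0.0.0.0", port)
    try:
        msg = read_message(listener, transport, timeout=60)
        print(parse_pri(msg), msg.decode("utf-8", "replace"))
    except socket.timeout:
        print("no message within 60 s: check address, port, transport, firewall")
```

Run it with the same transport and port entered in the Logging Subsystem section, then trigger an event in NSIA; a timeout points at the address, port, transport choice or an intervening firewall.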