- KNOWLEDGE BASE
- DEVICE INTEGRATION
-
START YOUR TRIAL
-
DEVICE INTEGRATION
-
CONNECTORS
-
DATA INGESTION
-
HUNTING WITH WORKBOOKS
-
DNIF Query Language (DQL Language)
-
SECURITY MONITORING
-
OPERATIONS
-
MANAGE DASHBOARDS
-
MANAGE REPORTS
-
USER MANAGEMENT & ACCESS CONTROL
-
BILLING
-
MANAGING YOUR COMPONENTS
-
GETTING STARTED
-
INSTALLATION
-
SOLUTION DESIGN
-
AUTOMATION
-
TROUBLESHOOTING AND DEBUGGING
-
LICENSE MANAGEMENT
-
RELEASE NOTES
-
API
-
POLICIES
-
SECURITY BULLETINS
-
BEST PRACTICES
-
DNIF AI
-
DNIF LEGAL AND SECURITY COMPLIANCE
CyberArk PIM
This article describes the steps to configure log forwarding for CyberArk Privileged Identity Management (CEF)
- On the PTA machine, open the default systemparm.properties file using the DEFAULTPARM command.
- Copy the line containing the syslog_outbound property, and exit the file.
- Open the local systemparm.properties file using the LOCALPARM command.
- Press i to edit the file.
- Paste the line you copied, uncomment the syslog_outbound property and edit the parameters. Use the following table as a guide.
| Parameter | Description |
| siem | Enter the DNIF system |
| format | The format used to transfer the syslog records to the server where your SIEM solution is installed. Enter: CEF |
| host | The Host/IP address of the server where your SIEM solution is installed. |
| port | The port number through which the syslog records will be sent to the server where your SIEM solution is installed. |
| protocol | The protocol used to transfer the syslog records to the server where your SIEM solution is installed. |
Example:
syslog_outbound=[{"siem": "DNIF", "format": "CEF", "host": "DNIF_IP_ADDRESS", "port": 514, "protocol": "TCP/UDP"}]
- Save the configuration file and close it.
- Restart PTA.