NetScaler WAF

Enabling CEF logging on a NetScaler Application Firewall appliance: the Citrix NetScaler appfw lets the user enable CEF logging from the graphical user interface (GUI) as well as from the command line interface. CEF logging is disabled by default. $ set appfw settings CEFLogging on In the GUI, you can enable this parameter from […]

Windows Sysmon and NXLog

To leverage the out-of-the-box (OOTB) use cases based on the Windows SYSMON-PROCESS, SYSMON-NETWORK, SYSMON-FILE, SYSMON-IMAGE-LOAD, SYSMON-REGISTRY, SYSMON-WMI, SYSMON-PIPE, SYSMON-SERVICE and SYSMON-DNS event sources, Sysmon must be installed on the Windows host. Otherwise, the workbooks that list these sources as a prerequisite will not function. System Monitor (Sysmon) is

MS SQL

Microsoft SQL Server is a relational database management system developed by Microsoft. As a database server, its primary function is to store and retrieve data as requested by other software applications, which may run either on the same computer or on another computer across a network. This document has been written

IIS

Internet Information Services (IIS) is a flexible, general-purpose web server from Microsoft that runs on Windows systems to serve requested HTML pages or files. It runs on both 32-bit and 64-bit Windows machines. Integration of IIS web server logs via NXLog with DNIF: to configure NXLog to send IIS web server access logs to the DNIF Adapter.
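IIS writes its access logs in the W3C extended format: `#`-prefixed directives, of which `#Fields:` names the columns that follow, and one space-separated request per line with `-` for an empty value and `+` for spaces inside URL-encoded values. Whatever forwards those files (NXLog here) has to apply the same rules, and the column set can change mid-file when the IIS logging configuration is edited. The following added example is not DNIF's or NXLog's code; it is a small parser for that format, with the log lines constructed to look like IIS 10 output (the IPs, paths and user agents are illustrative), plus the per-client error count a SIEM rule would typically key on.

```python
"""Parse IIS W3C extended access logs (the files NXLog tails from the IIS
LogFiles directory) into one dict per request.  Added example, not NXLog or
DNIF code; the sample log below is constructed, not captured."""
from collections import Counter
from typing import Dict, Iterable, Iterator, List, Optional
from urllib.parse import unquote_plus

# Columns IIS always writes as integers; everything else stays a string.
INT_FIELDS = {"s-port", "sc-status", "sc-substatus", "sc-win32-status", "time-taken"}


def parse_w3c(lines: Iterable[str]) -> Iterator[Dict[str, object]]:
    """Yield one dict per data line.  The column list comes from the most
    recent '#Fields:' directive, so a change of logging fields mid-file is
    handled; a data line with the wrong number of columns is rejected rather
    than silently mis-mapped."""
    fields: List[str] = []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue  # #Software / #Version / #Date carry no request data
        if not fields:
            raise ValueError("data line before any #Fields: directive")
        values = line.split(" ")
        if len(values) != len(fields):
            raise ValueError(f"expected {len(fields)} columns, got {len(values)}: {line!r}")
        record: Dict[str, object] = {}
        for name, value in zip(fields, values):
            if value == "-":          # IIS writes '-' for an absent value
                record[name] = None
            elif name in INT_FIELDS:
                record[name] = int(value)
            else:
                record[name] = value
        yield record


def decoded_query(record: Dict[str, object]) -> Optional[str]:
    """IIS stores the query string URL-encoded with '+' for spaces; decode it
    the same way before matching it against detection patterns."""
    query = record.get("cs-uri-query")
    return unquote_plus(query) if isinstance(query, str) else None


def error_counts(records: Iterable[Dict[str, object]]) -> Counter:
    """Count 4xx/5xx responses per client IP (a basic scanning indicator)."""
    counts: Counter = Counter()
    for rec in records:
        status = rec.get("sc-status")
        if isinstance(status, int) and status >= 400:
            counts[rec["c-ip"]] += 1
    return counts


# Constructed sample in the shape of an IIS 10 log; the second '#Fields:'
# directive shows the column set changing part-way through the file.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2024-01-10 12:00:00
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2024-01-10 12:00:01 10.0.0.10 GET /index.html - 443 - 198.51.100.7 Mozilla/5.0+(Windows+NT+10.0) 200 0 0 15
2024-01-10 12:00:02 10.0.0.10 GET /admin/ - 443 - 198.51.100.7 Mozilla/5.0+(Windows+NT+10.0) 401 2 5 3
2024-01-10 12:00:03 10.0.0.10 POST /login.aspx ReturnUrl=%2fadmin 443 - 198.51.100.7 Mozilla/5.0+(Windows+NT+10.0) 302 0 0 40
2024-01-10 12:00:04 10.0.0.10 GET /wp-login.php - 443 - 203.0.113.9 python-requests/2.31 404 0 2 1
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2024-01-10 12:00:05 203.0.113.9 GET /xmlrpc.php 404
"""

if __name__ == "__main__":
    parsed = list(parse_w3c(SAMPLE_LOG.splitlines()))
    for rec in parsed:
        print(rec["c-ip"], rec["cs-method"], rec["cs-uri-stem"], rec["sc-status"], decoded_query(rec))
    print(error_counts(parsed))
```

The strict column-count check matters in practice: if the forwarder keeps a stale field list after IIS is reconfigured, every later event is mapped to the wrong columns and the workbooks built on `sc-status` or `c-ip` quietly stop matching.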

Ubuntu

Ubuntu is an open source operating system that runs from the desktop to the cloud to all your internet-connected things. Integration of Ubuntu system logs with DNIF: to forward Ubuntu system logs to the DNIF Adapter, make the following configuration. Log in to the server as the root user and install the syslog package if you

Juniper Cortex Threat

Integration of Juniper Advanced Threat Prevention with DNIF. Alert notification configuration options: alert notifications for events or system audits are available only if Outgoing Mail Settings are configured from the Config > System Settings menu. Descriptions of the Events alert settings are provided in the following tables. Type: select the type of notification to be configured (Event). Format: select CEF or

Juniper SRX

The SRX Series Services Gateways are high-performance security, routing and networking solutions for enterprises and service providers. To configure the SRX:
1. Log in to the Juniper device as an administrator.
2. Set the security log mode.
3. Set the security log format to sd-syslog.
4. Set the security log source-address.
5. Set the security log stream.
6. Set the host IP

Forcepoint Websense

Organizations use Websense solutions to protect users against advanced web-based threats and data theft, both on and off the corporate network. Integration of Websense proxy logs with DNIF: navigate to Settings > General > SIEM Integration to configure the Websense software to send log data from the Filtering Service to a supported Security Information and Event

FireEye

The FireEye appliance detects stealthy web-, file- or email-based malware that uses malicious techniques to exploit client browsers, operating systems, email and applications. To configure it to send logs in CEF format:
1. Log in to the FireEye appliance with an administrator account.
2. Click Settings > Notifications > rsyslog.
3. Check the “Event type” check box.
4. Ensure the Rsyslog settings are
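Three of the sources on this page (the NetScaler appfw, Juniper Advanced Threat Prevention and FireEye) are set up to emit CEF over syslog. CEF is a fixed layout, `CEF:Version|Device Vendor|Device Product|Device Version|Signature ID|Name|Severity|Extension`, where a `|` inside a header field is written `\|`, and the extension is `key=value` pairs whose values may contain spaces but escape `=` as `\=` and a backslash as `\\`. A naive `split('|')` or `split('=')` therefore mis-parses exactly the interesting events, such as a blocked SQL injection whose payload contains `=`. The following added example is not DNIF's, Citrix's, Juniper's or FireEye's code; it is a CEF parser that honours those escapes, with two constructed lines in the shape those appliances produce (vendor and product names are real, the signature IDs, hostnames, addresses and payloads are illustrative).

```python
"""Parse CEF (Common Event Format) records carried over syslog, as emitted
by NetScaler appfw, Juniper ATP and FireEye once CEF logging is enabled.
Added example; not DNIF or vendor code.  The sample lines are constructed."""
import re
from typing import Dict, List

HEADER_FIELDS = ("version", "device_vendor", "device_product",
                 "device_version", "signature_id", "name", "severity")
_UNESCAPED_EQ = re.compile(r"(?<!\\)=")           # '=' not preceded by a backslash
_ESCAPES = {"n": "\n", "r": "\r", "=": "=", "|": "|", "\\": "\\"}


def _unescape(text: str) -> str:
    """Resolve CEF backslash escapes; an unknown escape is kept verbatim."""
    return re.sub(r"\\(.)", lambda m: _ESCAPES.get(m.group(1), m.group(0)), text)


def _split_header(body: str) -> List[str]:
    """Return the seven header fields followed by the raw extension string.
    A '|' preceded by a backslash is literal, so a plain split('|') is wrong."""
    fields: List[str] = []
    buf: List[str] = []
    i = 0
    while i < len(body) and len(fields) < 7:
        ch = body[i]
        if ch == "\\" and i + 1 < len(body) and body[i + 1] in "|\\":
            buf.append(body[i + 1])
            i += 2
        elif ch == "|":
            fields.append("".join(buf))
            buf = []
            i += 1
        else:
            buf.append(ch)
            i += 1
    if len(fields) < 7:
        raise ValueError("CEF header must have 7 pipe-delimited fields")
    return fields + [body[i:]]


def _parse_extension(ext: str) -> Dict[str, str]:
    """Split 'k1=v1 k2=v2 with spaces k3=v3' on unescaped '='.  Every middle
    chunk is '<value> <next key>', so the value ends at the last space."""
    parts = _UNESCAPED_EQ.split(ext)
    if len(parts) < 2:
        return {}
    result: Dict[str, str] = {}
    key = parts[0].strip()
    for chunk in parts[1:-1]:
        value, _, next_key = chunk.rpartition(" ")
        result[key] = _unescape(value)
        key = next_key
    result[key] = _unescape(parts[-1])
    return result


def parse_cef(line: str) -> Dict[str, object]:
    """Parse one syslog line carrying a CEF record.  Anything before 'CEF:'
    (PRI, timestamp, hostname) is kept as 'syslog_prefix'."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("line carries no CEF: marker")
    *header, ext = _split_header(line[start + len("CEF:"):].rstrip("\r\n"))
    record: Dict[str, object] = dict(zip(HEADER_FIELDS, header))
    severity = str(record["severity"])
    record["severity"] = int(severity) if severity.isdigit() else severity  # 0-10, or a word on some devices
    record["syslog_prefix"] = line[:start].strip()
    record["extension"] = _parse_extension(ext.strip())
    return record


def high_severity(lines: List[str], threshold: int = 7) -> List[str]:
    """Event names at or above the threshold: the field a SIEM rule keys on."""
    names = []
    for line in lines:
        rec = parse_cef(line)
        if isinstance(rec["severity"], int) and rec["severity"] >= threshold:
            names.append(str(rec["name"]))
    return names


# Constructed samples (not captures): a NetScaler appfw block with a syslog
# header and an escaped '=' in the message, and a FireEye malware-object alert.
SAMPLE_LINES = [
    "<14>Jan 10 12:00:00 ns01 CEF:0|Citrix|NetScaler|NS12.1|APPFW|APPFW_SQL|6|"
    "src=198.51.100.7 spt=45012 method=POST request=/login.php "
    "msg=SQL keyword check failed for field user\\=\"admin' OR 1\\=1\" act=blocked",
    "CEF:0|FireEye|MPS|8.1.0|MO|malware-object|8|rt=Jan 10 2024 12:00:01 "
    "dst=10.0.0.5 fname=invoice.pdf.exe cs1Label=sname cs1=Trojan.Generic",
]

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(parse_cef(sample))
    print(high_severity(SAMPLE_LINES))
```

Feeding the first sample through the parser is a quick way to confirm, before pointing an appliance at the collector, that the `act`, `src` and `msg` fields survive intact when the blocked payload itself contains `=`.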
