

Syslog Configuration

For each Syslog server, you must specify the following settings. Find these in the Infrastructure, Logging, External Logging, Syslog n policy folders.

Server Name

Enter the IP address or fully qualified domain name of the Syslog server.

Server Port

Specifies the port number that the Syslog server listens on. By default, Syslog servers use port 514.

Maximum Message Length

Specifies the maximum length (in characters) for log messages copied to a Syslog server. The Syslog protocol defines a maximum length of 1024 characters, but many Syslog servers can accept longer messages.

Client Port

Specifies the port(s) that CA DataMinder uses to send log messages to the Syslog server. If required, you can specify a range of consecutive port numbers (such as 510—515) or a comma-separated list of port numbers and ranges (such as 501,505,510—515).

Syslog Protocol

Specifies the format for data transfers to the Syslog server. Choose either:

IETF RFC 3164

All Syslog servers support this protocol.

IETF Syslog Internet Draft Document

Specifies an extension to the RFC 3164 protocol.

We recommend that you choose the RFC 3164 protocol unless you are certain that your Syslog server supports the extension published in the Internet Draft Document.

Message Format

Choose either:

Common Event Format

Choose this option if your Syslog server supports CEF. For example, ArcSight uses CEF. If you do choose CEF, some further policy configuration is needed; see the next section.

Unformatted Data

If your Syslog server does not support CEF, choose this option.
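
To confirm on the receiving side that messages arrive as configured, the following added example (not part of the product documentation and not CA DataMinder code) checks one received message for an RFC 3164 header, the configured maximum message length, and a complete CEF header. It does not cover the Internet Draft extension; the sample messages, host name, and vendor and product values are constructed placeholders.

```python
import re

# RFC 3164 layout: <PRI>Mmm dd hh:mm:ss HOSTNAME MSG
RFC3164 = re.compile(
    r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (\S+) (.*)$", re.S)
CEF_FIELDS = ("version", "vendor", "product", "device_version",
              "signature_id", "name", "severity")

# Constructed samples; vendor, product and host names are placeholders.
SAMPLE_CEF = ("<134>Oct 11 22:14:15 dlp-cms01 CEF:0|ExampleVendor|ExampleProduct"
              "|1.0|100|Policy trigger|5|src=10.0.0.5 msg=constructed sample")
SAMPLE_PLAIN = "<134>Oct 11 22:14:15 dlp-cms01 Policy engine started"

def split_cef(text):
    """Return the 7 CEF header fields plus extension, or None if incomplete."""
    start = text.find("CEF:")
    if start < 0:
        return None
    s, fields, cur, i = text[start + 4:], [], [], 0
    while i < len(s) and len(fields) < 7:
        if s[i] == "\\" and i + 1 < len(s):   # \| and \\ are escapes
            cur.append(s[i + 1]); i += 2
        elif s[i] == "|":                      # unescaped pipe ends a field
            fields.append("".join(cur)); cur = []; i += 1
        else:
            cur.append(s[i]); i += 1
    if len(fields) < 7:
        return None
    return dict(zip(CEF_FIELDS, fields), extension=s[i:])

def check_message(data, max_len=1024):
    """Check one received datagram against the configured settings."""
    text = data.decode("utf-8", errors="replace")
    findings, facility, severity = [], None, None
    m = RFC3164.match(text)
    if m and int(m.group(1)) <= 191:           # PRI = facility * 8 + severity
        facility, severity = divmod(int(m.group(1)), 8)
    else:
        findings.append("header does not match RFC 3164")
    if len(text) >= max_len:
        findings.append("at or over maximum length, may be truncated")
    cef = split_cef(text)
    if cef is None and "CEF:" in text:
        findings.append("CEF header incomplete")
    return {"format": "cef" if cef else "unformatted", "facility": facility,
            "severity": severity, "cef": cef, "findings": findings}

if __name__ == "__main__":
    for sample in (SAMPLE_CEF, SAMPLE_PLAIN, SAMPLE_CEF[:60]):
        print(check_message(sample.encode(), max_len=1024))
```

A message cut off at the maximum length can lose part of its CEF header, which is why the check reports length and CEF completeness separately.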