LogRhythm currently provides configuration guides for more than 60 syslog log sources, but the SIEM supports many more.
Our goal is to provide a configuration guide for every device the SIEM supports. If your syslog log source is not included yet, rest assured that we are working on it.
Recently Added Guides
| Name | Date |
|---|
| V 2.0 : Syslog - Symantec Endpoint Server (Configuration Guide) | October 18, 2021 |
| Syslog - Cisco Firepower | October 11, 2021 |
| V 2.0 : Syslog - Palo Alto Firewall (Configuration Guide) | October 4, 2021 |
| Syslog - Linux Host | October 4, 2021 |
| Syslog - VMWare ESX/ESXi Server | October 4, 2021 |
| Syslog – CA Priviledged Access Manager | August 26, 2021 |
| Syslog - Dell Remote Access Controller | August 26, 2021 |
| Syslog - F5 BIG-IP ASM | August 26, 2021 |
| Syslog - Forcepoint Stonesoft NGFW | August 26, 2021 |
| Syslog - Linux Audit | August 26, 2021 |
| Syslog - Pulse Secure | August 26, 2021 |
| Syslog - McAfee ePO | July 20. 2021 |
| Syslog - Fortinet FortiGate v6.0 | July 20, 2021 |
| Syslog - CB Response LEEF | July 20, 2021 |
| Syslog - VMware Unified Access Gateway | July 20, 2021 |
| Syslog - Cisco ASA | June 24, 2021 |
| Syslog - Fortinet FortiGate v5.4/v5.6 | June 24, 2021 |
| Syslog - Lancope StealthWatch CEF | June 24, 2021 |
| Syslog - Zscaler Nano Streaming Service | June 24, 2021 |
| Syslog - Dragos Platform CEF | March 8, 2021 |
| Syslog - F5 BIG-IP LTM | March 8, 2021 |
| Syslog - McAfee ePO | March 8, 2021 |
| Syslog - Palo Alto Cortex XDR | March 8, 2021 |
| Syslog - Netskope CEF | December 2, 2020 |
| Syslog - Fortinet FortiAuthenticator | July 14, 2020 |
Deprecated Guides
| Name | Date |
|---|
| Solera Connector | March 25, 2020 |
Only Global Admins or Restricted Admins with elevated View and Manage privileges can take this action.
These instructions assume you have already completed all procedures described in the specific device configuration guide for the logs you want to collect.
- In the Client Console on the main toolbar, click Deployment Manager.
- Click the System Monitors tab.
- Double-click the System Monitor Agent that collect the information.
The System Monitor Agent Properties dialog box appears. - Click the Agent Settings tab.
- Right-click anywhere in the Log Message Sources Collected by this Agent grid, and then click New.
- Click the Basic Configuration tab.
For Log Message Source Type, select the name of the log as provided in the device configuration guide, and then click OK.
Complete any additional steps described in the unique Device Configuration Guide, such as providing the file path to the .ini file on the Flat File Settings tab or uploading an .xml file on the UDLA settings tab.
To save the configuration, click OK, and then click OK again.