Syslog Log Sources

LogRhythm currently provides configuration guides for more than 60 syslog log sources, but the SIEM supports many more.

Our goal is to provide a configuration guide for every device the SIEM supports. If your syslog log source is not included yet, rest assured that we are working on it.

Recently Added Guides

Name	Date
Syslog - SonicWall SonicOS/X	May 10, 2023
Syslog - Cisco ISE 1	April 26, 2023
Syslog - Aruba Clear Pass	March 1, 2023
Syslog - Forcepoint Web Security V2.0	February 15, 2023
Syslog - Symantec DLP CEF	February 15, 2023
Syslog - Cisco Secure Email	February 15, 2023
Syslog - HPE OneView	February 1, 2023
Syslog - FireEye MPS	January 18, 2023
Syslog - Imperva Incapsula CEF	January 18, 2023
Syslog - Tanium	January 18, 2023
Syslog - Juniper Junos	December 7, 2022
Syslog - Cisco Secure Web	September 21, 2022
Syslog - Trend Micro Email Security	September 7, 2022
Syslog - Trend Micro Deep Discovery	August 24, 2022
Syslog - Forcepoint CASB	August 10, 2022

Deprecated Guides

Name	Date
Solera Connector	March 25, 2020

Configure LogRhythm to Collect Logs

Only Global Admins or Restricted Admins with elevated View and Manage privileges can take this action.

These instructions assume you have already completed all procedures described in the specific device configuration guide for the logs you want to collect.

In the Client Console on the main toolbar, click Deployment Manager.
Click the System Monitors tab.
Double-click the System Monitor Agent that collect the information.
The System Monitor Agent Properties dialog box appears.
Click the Agent Settings tab.
Right-click anywhere in the Log Message Sources Collected by this Agent grid, and then click New.
Click the Basic Configuration tab.
For Log Message Source Type, select the name of the log as provided in the specific device configuration guide, and then click OK.
Complete any additional steps described in the specific device configuration guide, if applicable.
To save the configuration, click OK, and then click OK again.