Version:

Configuring ESET

Adding a Normalization Policy for ESET

  1. Go to Settings >> Configuration from the navigation bar and click Normalization Policies.

  2. Click Add.

  3. Enter a Policy Name.

  4. Select ESETCompiledNormalizer.

  5. Click Submit.

Create Device Panel

Selecting a Normalization Package

Adding ESET as a Device in LogPoint

  1. Go to Settings >> Configuration from the navigation bar and click Devices.

  2. Click Add.

  3. Enter a device Name.

  4. Enter the IP address(es) of the ESET server.

  5. Select the Device Groups.

  6. Select an appropriate Log Collection Policy for the logs.

  7. Select a collector or a forwarder from the Distributed Collector drop-down menu.

Note

It is optional to select the Device Groups, the Log Collection Policy and the Distributed Collector.

  1. Select a Time Zone.

Note

The timezone of the device must be the same as its log source.

  1. Configure the Risk Values for Confidentiality, Integrity and Availability used to calculate the risk levels of the alerts generated from the device.

  2. Click Submit.

Create Device Panel

Adding ESET as a Device

Configuring the Syslog Collector for ESET

  1. Go to Settings >> Configuration from the navigation bar and click Devices.

  2. Search for the previously added device.

  3. Click the Add icon from Actions.

  4. Click Syslog Collector.

Available Collectors Fetchers Panel

Available Collectors and Fetchers

  1. Select Syslog Parser as Parser.

  2. Select a Processing Policy that uses the previously created normalization policy.

  3. Select the Charset.

  4. Select None in Proxy Server.

  5. Click Submit.

Syslog Collector Panel

Configuring Syslog Collector

Helpful?

We are glad this guide helped.


Please don't include any personal information in your comment

Contact Support