Version:

Configuring the Application

Adding a Normalization Policy for Unix Application

  1. Go to Settings >> Configuration >> Normalization Policies.

  2. Click Add.

  3. Enter a Policy Name.

  4. Select the Compiled Normalizer for Unix.

  5. Click Submit.

_images/norm1barracuda.png

Adding a Normalization Policy

Adding Unix as a Device in LogPoint

  1. Go to Settings >> Configuration >> Devices.

  2. Click Add.

Create Device Panel

Creating Unix as a Device

  1. Enter a device Name.

  2. Enter the IP address(es) of the Unix server.

  3. Select the Device Groups.

  4. Select an appropriate Log Collection Policy for the logs.

  5. Enter a collector or a forwarder in the Distributed Collector.

Note

It is optional to select the Device Groups, the Log Collection Policy, and the Distributed Collector.

  1. Select a Time Zone.

Note

The timezone of the device must be the same as that of its log source.

  1. Configure the Risk Values for Confidentiality, Integrity, and Availability used to calculate the risk levels of the alerts generated from the device.

  2. Click Submit.

Configuring the Syslog Collector for Unix

  1. Click Syslog Collector on the Available Collectors Fetchers panel.

Available Collectors Fetchers Panel

Available Collectors Fetchers Panel

  1. Select the Syslog Parser.

Syslog Collector Panel

Syslog Collector Panel

  1. Select the Processing Policy which contains the previously added normalization policy.

  2. Select the Charset.

  3. Select None as Proxy Server.

  4. Click Submit.

Helpful?

We are glad this guide helped.


Please don't include any personal information in your comment

Contact Support