- This topic has 0 replies, 1 voice, and was last updated 6 years, 4 months ago by
.
- Posts
Complete the following steps to send data to WitFoo using CEF over SYSLOG:
■ Log into the FireEye appliance with an administrator account
■ Click Settings
■ Click Notifications
■ Click rsyslog
■ Check the “Event type” check box
■ Next to the “Add Rsyslog Server” button, type “CEF”.
■ Then click the “Add Rsyslog Server” button.
■ Enter the IP address of the WitFoo Precinct server in the “IP Address” field.
Make sure rsyslog settings are:
■ Format: CEF
■ Delivery: Per event
■ Send as: AlertNow you can test the sending and receiving of notifications on the same FireEye Notifications page by clicking the “Test-Fire” button at the bottom. Flip back over to the WitFoo “Search” interface and search for the IP address of the FireEye Managment Console.
- You must be logged in to reply to this topic.