Setting up Stealthwatch for Syslog
In Stealthwatch Management Console (SMC)
- Configuration > Response Management
- Enable all rules or specific rules that you want monitored
- For each rule you have enabled, ensure there is an Action for Syslog message
  - Create Name and Description
  - Ensure it is Enabled
  - Syslog Server Address = IP address of your Precinct Streamer node
  - UDP Port = 514
  - Message Format = CEF
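
To confirm that what arrives at the receiving node really is CEF, the lines can be run through a parser. The following is an added example, not code from this page or from Cisco; the function names are hypothetical and the sample line is constructed, not real Stealthwatch output.

```python
import re

# CEF layout: CEF:Version|Vendor|Product|DeviceVersion|EventClassID|Name|Severity|Extension
HEADER = ("version", "vendor", "product", "device_version",
          "event_class_id", "name", "severity")
# key=value pairs; a value runs until the next " key=" or end of line,
# and may contain backslash-escaped characters such as \=
EXT_RE = re.compile(r"(\w+)=((?:\\.|[^\\=])*?)(?=\s+\w+=|\s*$)")

# Constructed sample line (assumption for illustration, not real Stealthwatch output).
SAMPLE = (r"<134>Jan  1 00:00:00 smc.example CEF:0|ExampleVendor|ExampleProduct"
          r"|1.0|100|Constructed \| alarm|5|"
          r"src=192.0.2.10 dst=198.51.100.20 msg=ratio\=3 over limit")

def split_header(body):
    """Split on unescaped pipes into the 7 header fields plus the raw extension."""
    fields, cur, i = [], [], 0
    while i < len(body) and len(fields) < len(HEADER):
        ch = body[i]
        if ch == "\\" and body[i + 1:i + 2] in ("\\", "|"):
            cur.append(body[i + 1])      # keep the escaped character literally
            i += 2
            continue
        if ch == "|":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if len(fields) < len(HEADER) and cur:
        fields.append("".join(cur))      # record that ends without an extension
    return fields, body[i:]

def parse_cef(line):
    """Return (header, extension) dicts for one syslog line; ValueError if not CEF."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF marker; check Message Format on the sender")
    fields, ext = split_header(line[start + 4:])
    if len(fields) != len(HEADER) or not fields[0].isdigit():
        raise ValueError("malformed CEF header")
    header = dict(zip(HEADER, fields))
    extension = {k: re.sub(r"\\([\\=])", r"\1", v) for k, v in EXT_RE.findall(ext)}
    return header, extension

if __name__ == "__main__":
    print(parse_cef(SAMPLE))
```

A `ValueError` on every received line usually means the action's Message Format is not set to CEF.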
Cisco Stealthwatch Response Management Demo