FireEye

To Forward FireEye Logs

  1. Log in to the FireEye appliance by using the CLI.

  2. To activate configuration mode, type the following commands:

     enable

     configure terminal

  3. To enable rsyslog notifications, type the following command:

     fenotify rsyslog enable

  4. To add BluSapphire Log Collector as an rsyslog notification consumer, type the following command:

     fenotify rsyslog trap-sink blus

  5. To specify the IP address of the “Log Collector” system that you want to receive rsyslog trap-sink notifications, type the following command:

     fenotify rsyslog trap-sink blus address <Log Collector_IP_address>

  6. To define the rsyslog event format, type the following command:

     fenotify rsyslog trap-sink blus prefer message format cef

  7. To save the configuration changes to the FireEye appliance, type the following command:

     write memory
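To confirm on the Log Collector side that the appliance is actually sending CEF after these steps, a received syslog line can be parsed as below. This is an added example, not FireEye or BluSapphire code; the function name `parse_cef` and both sample lines are constructed for illustration and are not captured appliance output.

```python
import re

# The seven pipe-delimited CEF header fields that follow the "CEF:" marker.
HEADER_KEYS = ("version", "vendor", "product", "device_version",
               "signature_id", "name", "severity")
# key=value pairs; a value runs until the next " key=" or end of line.
EXT_RE = re.compile(r"(\w+)=((?:\\.|[^\\=])*?)(?=\s+\w+=|\s*$)")

# Constructed sample lines (assumed shapes, not real appliance output).
SAMPLE_CEF = (r"<164>Jan  1 00:00:00 sensor01 fenotify: "
              r"CEF:0|FireEye|ExampleProduct|1.0|MO|malware\|object|7|"
              r"src=10.0.0.5 dst=192.0.2.10 msg=callback to a\=b")
SAMPLE_TEXT = "<164>Jan  1 00:00:00 sensor01 fenotify: alert name=test"

def parse_cef(line):
    """Return (header, extensions) for a syslog line carrying CEF.

    Raises ValueError when the line has no CEF record or a short header,
    which usually means the trap-sink format was not set to cef.
    """
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF record: sender is not using 'format cef'")
    body, fields, cur, i = line[start + 4:], [], [], 0
    # Walk the header by hand so that '\|' and '\\' inside a value are not
    # mistaken for field separators.
    while i < len(body) and len(fields) < len(HEADER_KEYS):
        ch = body[i]
        if ch == "\\" and body[i + 1:i + 2] in ("\\", "|"):
            cur.append(body[i + 1])
            i += 2
        elif ch == "|":
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(ch)
            i += 1
    if len(fields) < len(HEADER_KEYS):
        raise ValueError("truncated CEF header: expected 7 fields")
    # Everything after the seventh pipe is the extension; unescape '\=' and '\\'.
    ext = {k: re.sub(r"\\([\\=])", r"\1", v)
           for k, v in EXT_RE.findall(body[i:])}
    return dict(zip(HEADER_KEYS, fields)), ext

if __name__ == "__main__":
    print(parse_cef(SAMPLE_CEF))
```
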
