To Forward FireEye NX Alert Logs

  1. Log in to the FireEye NX using the web interface.

  2. Go to Settings > Notifications.

  3. Tick rsyslog to enable a Syslog notification configuration.

  4. Enter a name to label your FireEye connection to the “Log Collector” in the Name field.

  5. Click the Add Rsyslog Server button.

  6. Enter the <Log Collector IP Address> in the IP Address field.

  7. Tick the Enabled check box.

  8. Select Per event in the Delivery drop-down list.

  9. Select All Events from the Notifications drop-down list.

  10. Select CEF from the Format drop-down list. Other formats are not supported.

  11. Leave the Account field empty.

  12. Select UDP from the Protocol drop-down list.

  13. Click the Update button.
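
A check to run on the Log Collector after the last step, added here as an example (it is not part of the original procedure or of the vendor's documentation): it parses one syslog datagram and confirms that it carries CEF, which shows that the Format and Protocol selections took effect. The sample datagram, the function names and every field value are constructed for illustration.

```python
import re
import socket

# Constructed sample datagram (not captured from a real appliance); all values are placeholders.
SAMPLE = (b"<164>nx-appliance alert: CEF:0|FireEye|NX|0.0.0|MO|Malware \\| Object|4|"
          b"src=192.0.2.10 dst=198.51.100.7 msg=test alert sent cs1Label=sname cs1=Example.Sig\n")

HEADER_KEYS = ("cef_version", "vendor", "product", "device_version",
               "signature_id", "name", "severity")
_PIPE = re.compile(r"(?<!\\)\|")                        # header delimiter, skipping escaped \|
_EXT_KEY = re.compile(r"(?:^|\s)([A-Za-z0-9_.\-]+)=")   # start of each key=value pair


def _unescape(value: str) -> str:
    return value.replace("\\|", "|").replace("\\=", "=").replace("\\\\", "\\")


def parse_cef(datagram: bytes) -> dict:
    """Parse one syslog datagram; raise ValueError if it does not carry CEF."""
    text = datagram.decode("utf-8", errors="replace")
    start = text.find("CEF:")
    if start < 0:
        raise ValueError("no CEF marker; check the Format setting in step 10")
    parts = _PIPE.split(text[start + 4:], maxsplit=7)
    if len(parts) < 8:
        raise ValueError("truncated CEF header")
    event = {k: _unescape(v) for k, v in zip(HEADER_KEYS, parts[:7])}
    ext, pairs = parts[7], {}
    keys = list(_EXT_KEY.finditer(ext))
    for i, m in enumerate(keys):
        # A value runs until the next key, so values may contain spaces.
        end = keys[i + 1].start() if i + 1 < len(keys) else len(ext)
        pairs[m.group(1)] = _unescape(ext[m.end():end].strip())
    event["extensions"] = pairs
    return event


def receive_one(bind_ip: str = "0.0.0.0", port: int = 514, timeout: float = 60.0) -> dict:
    """Wait for one UDP syslog datagram on the collector and parse it."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.bind((bind_ip, port))
        data, (sender, _) = sock.recvfrom(65535)
    return {"sender": sender, **parse_cef(data)}


if __name__ == "__main__":
    print(parse_cef(SAMPLE))
```

Binding to port 514 normally requires elevated privileges, and `receive_one` cannot share the port with a collector service that is already listening on it.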
