AlienVault® USM Anywhere™

USM Anywhere Log Collection

Role Availability: Read-Only, Analyst, Manager

Syslog is a message logging standard supported by most devices and operating systems. USM Anywhere can collect syslog data from devices in your environment and produce corresponding security events and alarms. You can forward syslog data from specific device types to the IP address and port of the USM Anywhere Sensor.

Note: See The Syslog Server Sensor App, Data Sources and Log Processing, and Enabling syslog Connections in an AWS VPC for more information.

To open the Log Collection page

  1. Go to Settings > System.
  2. In the left navigation panel, click Log Collection.

    [Figure: Log Collection main window]

  3. Click How do I configure my device? and select the proper documentation for your network device.

    [Figure: Device Configuration Documentation dialog box]