• Support
  • Forums
  • Blogs

how can I take log files that are on a Kiwi server and have them processed into a sandbox USM?

James_KokotovichJames_Kokotovich

New Life Form
for compliance reasons and the fact that all of my logs and database were flushed out and I need to get the ability to be able to search back 90 days. the over all log retention is in a Kiwi server so I have data there but I need the last 90 days in AV. any support can and would be awesome from everyone.

Share post:

Answers

  • Can't you store the logs in Kiwi for compliance reasons and then use the syslog forwarding feature in Kiwi to send them over to USM Appliance?  
  • James_Kokotovich,

    You would need to do a transparent forward from the Kiwi server for the logs to be parsed properly, which I do not believe Kiwi can do. This said, the signature will not match the previous logs, which may be of concern if you are doing compliance retention.

    This brings us back to bshopp's question. If we are looking for compliance retention, does the Kiwi server sign the logs, and does that meet the qualifications? For many users, this would meet the retention requirement.
Sign In or Register to comment.