Differences

This shows you the differences between two versions of the page.

cloudappliance/syslog [2019_10_04 06:34]
jim [File Fabric Audit Logs]
cloudappliance/syslog [2019_10_04 12:12] (current)
jim [Step 1]
Line 23: Line 23:
  
 syslog is a standard for message logging. It allows separation of the software that generates messages and is often used from a software perspective for security audit logging. Such messags can subsequently be integrated into log aggregation tools such as Splunk. syslog is a standard for message logging. It allows separation of the software that generates messages and is often used from a software perspective for security audit logging. Such messags can subsequently be integrated into log aggregation tools such as Splunk.
 +
 +Splunk is widely used among enterprise security teams for breach investigations. Enabling syslog provides the ability to feed audit events into Splunk, enabling conmpanies to evaluate potential data breaches through the same means they use to investigate issues with other internally used applications and/or services.
  
 The syslog functionality can be enabled by logging in as appladmin, going to Site Functionality and setting "​Enable write audit events to syslog"​ to yes. The syslog functionality can be enabled by logging in as appladmin, going to Site Functionality and setting "​Enable write audit events to syslog"​ to yes.
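Review bot: The added Splunk paragraph misspells "companies" as "conmpanies", and its second sentence uses "Enabling ... enabling" twice in a row; something like "Enabling syslog lets audit events be fed into Splunk, so companies can evaluate potential data breaches ..." reads more cleanly. The unchanged sentence just above it also still has "messags", which would be worth correcting in the same edit. The new text promises a feed into Splunk, but the visible lines only describe turning on "Enable write audit events to syslog"; if a forwarder or remote syslog target has to be configured for events to reach Splunk, a pointer to that step belongs here.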