articles/sentinel/unified-connector-cef-device.md
5 additions & 7 deletions
@@ -84,13 +84,11 @@ Complete the following steps to configure Cisco Secure Email Gateway to forward
84
84
85
85
## Citrix Web App Firewall
86
86
87
-
Configure Citrix WAF to send syslog messages in CEF format to the proxy machine using the following steps.
87
+
Configure Citrix WAF to send syslog messages in CEF format to the proxy machine.
88
88
89
-
1. Follow [this guide](https://support.citrix.com/article/CTX234174) to configure WAF.
89
+
- Find guides to configure WAF and CEF logs from [Citrix Support](https://support.citrix.com/).
90
90
91
-
2. Follow [this guide](https://support.citrix.com/article/CTX136146) to configure CEF logs.
92
-
93
-
3. Follow [this guide](https://docs.citrix.com/en-us/citrix-adc/13/system/audit-logging/configuring-audit-logging.html) to forward the logs to proxy. Make sure you to send the logs to port 514 TCP on the Linux machine's IP address.
91
+
- Follow [this guide](https://docs.citrix.com/en-us/citrix-adc/13/system/audit-logging/configuring-audit-logging.html) to forward the logs to proxy. Make sure you to send the logs to port 514 TCP on the Linux machine's IP address.
94
92
95
93
## Claroty
96
94
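Review bot: The added line at new line 91 carries over the typo "Make sure you to send the logs" from the removed step 3; change it to "Make sure to send the logs". On new line 89, the two article-specific links (CTX234174 for WAF, CTX136146 for CEF logs) are replaced by a link to the Citrix Support home page, so the reader no longer knows what to look for; if those articles are gone, name the topics to search for in the bullet text. Converting the numbered steps to bullets, together with dropping "using the following steps" from the intro, also removes the ordering (configure WAF, configure CEF logs, then forward to the proxy).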
@@ -125,7 +123,7 @@ Set your security solution to send syslog messages in CEF format to the proxy ma
125
123
126
124
Set your security solution to send syslog messages in CEF format to the proxy machine. Make sure to send the logs to port 514 TCP on the machine IP address.
127
125
128
-
1. Follow the directions to install the [ExtraHop Detection SIEM Connector bundle](https://aka.ms/asi-syslog-extrahop-forwarding) on your Reveal(x) system. The **SIEM Connector** is required for this integration.
126
+
1. Follow the directions to install the [ExtraHop Detection SIEM Connector bundle](https://learn.extrahop.com/extrahop-detection-siem-connector-bundle) on your Reveal(x) system. The **SIEM Connector** is required for this integration.
129
127
1. Enable the trigger for **ExtraHop Detection SIEM Connector - CEF**.
130
128
1. Update the trigger with the ODS syslog targets you created.
131
129
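Review bot: New line 126 replaces an aka.ms redirect with a hard-coded deep link to learn.extrahop.com, which is the same kind of vendor deep link this commit removes in other sections. If the vendor moves the page, this needs another documentation edit, whereas the redirect could have been retargeted; consider fixing the redirect target instead, or confirm the direct link is the preferred form here.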
@@ -334,7 +332,7 @@ Refer to the Onapsis in-product help to set up log forwarding to the syslog agen
334
332
335
333
Configure Palo Alto XDR (Cortex) to forward messages in CEF format to your Microsoft Sentinel workspace via the syslog agent.
336
334
337
-
1. Go to [Cortex Settings and Configurations](https://inspira.xdr.in.paloaltonetworks.com/configuration/external-alerting).
335
+
1. Go to **Cortex Settings and Configurations**.
338
336
1. Select to add **New Server** under **External Applications**.
339
337
1. Then specify the name and give the public IP of your syslog server in **Destination**.
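Review bot: New line 335 reduces step 1 to "Go to **Cortex Settings and Configurations**" without saying where that page is found. Dropping the URL is reasonable, since the old link pointed at a single host (inspira.xdr.in.paloaltonetworks.com) that looks tenant-specific, but its path (/configuration/external-alerting) was the only navigation hint the step had. Suggest stating that the page is in the reader's own Cortex XDR console and naming the menu path to it.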
articles/sentinel/unified-connector-syslog-device.md
4 additions & 4 deletions
@@ -22,7 +22,7 @@ For more information about the related Microsoft Sentinel solution for each of t
22
22
23
23
## Blackberry CylancePROTECT
24
24
25
-
[Follow these instructions](https://docs.blackberry.com/content/dam/docs-blackberry-com/release-pdfs/en/cylance-products/syslog-guides/Cylance%20Syslog%20Guide%20v2.0%20rev12.pdf) to configure the CylancePROTECT to forward syslog. Use the IP address or hostname for the Linux device with the Linux agent installed as the **Destination IP** address.
25
+
[Follow these instructions](https://docs.blackberry.com/en/unified-endpoint-security/blackberry-ues/cylance-syslog-guide/Configure_Syslog_Settings) to configure the CylancePROTECT to forward syslog. Use the IP address or hostname for the Linux device with the Linux agent installed as the **Destination IP** address.
26
26
27
27
## Cisco Application Centric Infrastructure (ACI)
28
28
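Review bot: Since new line 25 is being rewritten anyway, fix the wording it carries over: "configure the CylancePROTECT to forward syslog" should drop the article ("configure CylancePROTECT to forward syslog"), and the link text "Follow these instructions" would be more useful if it named the target, for example the Cylance syslog guide page on configuring syslog settings that the new URL points to.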
@@ -188,8 +188,8 @@ This data connector was developed using Ivanti Unified Endpoint Management Relea
188
188
189
189
Complete the following configuration steps to get McAfee® Network Security Platform logs into Microsoft Sentinel.
190
190
191
-
1.[Follow these instructions](https://docs.mcafee.com/bundle/network-security-platform-10.1.x-product-guide/page/GUID-E4A687B0-FAFB-4170-AC94-1D968A10380F.html) to forward alerts from the manager to a syslog server.
192
-
2. You must add a syslog notification profile. See [more details here](https://docs.mcafee.com/bundle/network-security-platform-10.1.x-product-guide/page/GUID-5BADD5D7-21AE-4E3B-AEE2-A079F3FD6A38.html). While creating profile, to make sure that events are formatted correctly, enter the following text in the Message text box:
191
+
1.Forward alerts from the manager to a syslog server.
192
+
2. You must add a syslog notification profile. While creating profile, to make sure that events are formatted correctly, enter the following text in the Message text box:
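Review bot: New line 191 keeps the "1.Forward" form with no space after the list marker, so Markdown will not treat it as a list item; write "1. Forward alerts from the manager to a syslog server." With both links removed, step 1 and the notification-profile step no longer tell the reader where these settings are documented; at least name the source (the removed URLs referenced the Network Security Platform 10.1.x product guide). "While creating profile" on new line 192 should read "While creating the profile".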
@@ -200,7 +200,7 @@ This data connector was developed using McAfee® Network Security Platform versi
200
200
201
201
## McAfee ePolicy Orchestrator
202
202
203
-
[Follow these instructions](https://docs.mcafee.com/bundle/epolicy-orchestrator-5.10.0-product-guide/page/GUID-5C5332B3-837A-4DDA-BE5C-1513A230D90A.html) to add register syslog server.
203
+
Contact the provider for guidance on how to register a syslog server.
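Review bot: "Contact the provider" on new line 203 does not say which provider is meant or what to ask for, so the section now has no actionable step. Name the vendor explicitly and keep a searchable pointer, for example that registering a syslog server is covered in the ePolicy Orchestrator product guide (the removed link referenced the 5.10.0 edition).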