 |
You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>DeploymentGuide>PluginManagement>ConfigureLogForwardingOnCommonlyUsedDataSources>ComodoAntivirus (28 Jun 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next Comodo Antivirus When you configure Comodo Antivirus to send log data to Sheriff CSM, you can use the Comodo Antivirus plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin: Plugin Information
Previous Next Comodo Antivirus When you configure Comodo Antivirus to send log data to Sheriff CSM, you can use the Comodo Antivirus plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin: Plugin Information
| Device | Details |
|---|---|
| Vendor | Comodo |
| Device Type | Antivirus |
| Connection Type | Syslog |
| Data Source Name | Comodo-antivirus |
| Data Source ID | 1562 |
Integrating Comodo Antivirus
Before you configure the Comodo Antivirus integration, you must have the IP Address of the Sheriff CSM Sensor (Deputy). To configure Comodo Antivirus to send Syslog messages to Sheriff CSM- From the Comodo IT and Security Manager console, navigate the Comodo Client Security interface and select Advanced Settings > General Settings > Logging to display the Logging tab page.
-
Select the Write to syslog server (CEF format) check box.
-
In the Host field, enter the Sheriff CSM IP address or hostname.
-
In the Port field, specify 514.
- Save your changes.
Plugin Enablement
For plugin enablement information, see Enable Plugins.Additional Resources and Troubleshooting
https://help.comodo.com/topic-399-1-790-10354-.html For troubleshooting, refer to the vendor documentation: https://help.comodo.com/Edit | Attach | Print version | History: r7 < r6 < r5 < r4 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r7 - 28 Jun 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.