Device | Details |
---|---|
Vendor | Kaspersky |
Device Type | Management platform |
Connection Type | Syslog |
Data Source Name | kaspersky-sc |
Data Source ID | 1737 |
Integrating Kaspersky Security Center
Before you configure the Kaspersky Security Center integration, you must have the IP address of the Sheriff CSM Sensor (Deputy).

To configure Kaspersky Security Center to forward log data over syslog to Sheriff CSM:

- Log in to the Kaspersky Security Center.
- Configure event export using the Common Event Format (CEF) protocol. See Kaspersky Online Help on enabling automatic export for instructions.

  Note: The kaspersky-sc plugin supports syslog, Log Event Extended Format (LEEF), and CEF protocols. AT&T Cybersecurity recommends using CEF for better performance.
- In the SIEM system server address field, enter the IP address of the Sheriff CSM Sensor.
Sheriff CSM listens for syslog at UDP or TCP port 514.
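To confirm that the export is sending CEF rather than LEEF or plain syslog, a captured line can be classified and parsed as in the following added example. It is not part of the Sheriff CSM or Kaspersky documentation; the function names are hypothetical, and the sample lines are constructed with placeholder vendor, product and event ID values.

```python
import re

HEADER = ("version", "vendor", "product", "device_version",
          "signature_id", "name", "severity")

def classify(line):
    """Label one received syslog line as 'cef', 'leef' or 'syslog'."""
    if re.search(r"(?:^|\s)CEF:\d+\|", line):
        return "cef"
    if re.search(r"(?:^|\s)LEEF:\d+(?:\.\d+)?\|", line):
        return "leef"
    return "syslog"

def parse_cef(line):
    """Split a CEF line into its 7 header fields and an extension dict."""
    body = line[line.index("CEF:") + 4:]
    fields, cur, i = [], [], 0
    while i < len(body) and len(fields) < 7:
        ch = body[i]
        if ch == "\\" and body[i + 1:i + 2] in ("\\", "|"):
            cur.append(body[i + 1])      # escaped pipe or backslash
            i += 2
            continue
        if ch == "|":                    # unescaped pipe ends a field
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if len(fields) != 7:
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER, fields))
    ext = body[i:]                       # key=value pairs after the header
    keys = list(re.finditer(r"(?:^|\s)(\w+)=", ext))
    event["extension"] = {}
    for m, nxt in zip(keys, keys[1:] + [None]):
        raw = ext[m.end():nxt.start() if nxt else len(ext)]
        event["extension"][m.group(1)] = re.sub(r"\\(.)", r"\1", raw).strip()
    return event

# Constructed sample lines (placeholder vendor, product and event ID).
SAMPLES = [
    r"<134>Jan 10 12:00:00 ksc-host CEF:0|ExampleVendor|ExampleProduct|1.0|"
    r"EVT_0001|Threat detected \| quarantined|4|"
    r"src=192.0.2.10 msg=File C:\\Temp\\a\=b.exe blocked dhost=ws01",
    "<134>Jan 10 12:00:01 ksc-host LEEF:1.0|ExampleVendor|ExampleProduct|1.0|EVT_0001|src=192.0.2.10",
    "<134>Jan 10 12:00:02 ksc-host service started",
]

if __name__ == "__main__":
    for s in SAMPLES:
        kind = classify(s)
        print(kind, parse_cef(s) if kind == "cef" else "")
```

A line that classifies as `leef` or `syslog` means the export format setting in Kaspersky Security Center is not the recommended CEF option.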