Cynet
Before you begin, you'll need:
- An active Cynet license
- Cynet login credentials
- Syslog Server
- Root privileges on your machines
Configure Cynet to send syslog notifications to a remote Syslog server
- On your Cynet web interface, go to Setting > Advanced.
- Select the box beside Send Audit Records to SIEM.
- Go to Configuration > SIEM settings and enable the following configuration:
  - UDP
  - IP - public IP address of your syslog server
  - Port - port that is configured on your syslog server. We use 9000 in this example, but you can change it to your preference.
- Press Add. The added IP and port will appear on the screen.
Note: These instructions are based on UDP. If you want to use TCP, make sure your syslog server configuration is aligned with this.
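To confirm that the Cynet notifications actually reach the syslog host on the UDP port configured above, a check like the following can be run on that host. It is an added example, not part of Cynet's or SecurIST's tooling; the allowed sender address is a placeholder, and the RFC 3164-style `<PRI>` prefix is an assumption about the message format.

```python
import re
import socket

LISTEN_PORT = 9000                  # port used in this page's example
ALLOWED_SOURCES = {"203.0.113.10"}  # assumption: placeholder for your Cynet sender IP

PRI_RE = re.compile(rb"^<(\d{1,3})>")

def classify(datagram: bytes, source_ip: str, allowed=ALLOWED_SOURCES) -> dict:
    """Decide whether one UDP datagram looks like syslog from an expected sender."""
    result = {"source": source_ip, "trusted_source": source_ip in allowed,
              "valid_pri": False, "facility": None, "severity": None, "message": ""}
    m = PRI_RE.match(datagram)
    if m and int(m.group(1)) <= 191:   # PRI = facility*8 + severity, max 23*8+7
        pri = int(m.group(1))
        result.update(valid_pri=True, facility=pri >> 3, severity=pri & 7)
        datagram = datagram[m.end():]
    result["message"] = datagram.decode("utf-8", errors="replace").rstrip("\r\n")
    return result

def listen(host="0.0.0.0", port=LISTEN_PORT, count=5, timeout=60.0) -> list:
    """Receive up to `count` datagrams and return their classifications."""
    seen = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((host, port))
        sock.settimeout(timeout)
        try:
            while len(seen) < count:
                data, (ip, _port) = sock.recvfrom(65535)
                seen.append(classify(data, ip))
        except socket.timeout:
            pass  # UDP gives no delivery signal; silence means nothing arrived
    return seen

if __name__ == "__main__":
    for r in listen():
        flag = "OK  " if r["trusted_source"] and r["valid_pri"] else "WARN"
        print(flag, r["source"], r["facility"], r["severity"], r["message"][:120])
```

The bind fails if the syslog daemon already holds the port, so run the check before starting the daemon or while it is stopped. Because UDP carries no sender authentication, restricting the port to the expected source address at the firewall is the stronger control; the script only reports what arrives.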
Providing Information to Configure SecurIST
After configuring Cynet to send syslog notifications, please provide the following information to us to complete the setup on our side:
- Public IP Address of Syslog Server: The IP address configured in the Cynet SIEM settings.
- Port Number: The port number configured in the Cynet SIEM settings.
Log Source Details:
- Type of log data (e.g., audit records, security events).
- Any specific identifiers or tags used.
Log Data Format:
- Confirm that the log data format is compatible with your syslog server (typically structured as plain text or JSON over UDP/TCP).
Please send the above details to our support team via an "Onboard Log source" request in your SecurIST platform.
Getting Help
If you encounter any issues or need assistance during this process, our support team is here to help. You can reach out to us through:
- Support Portal: Submit a ticket via our support portal for detailed assistance.
- Documentation: Refer to our extensive documentation library for troubleshooting and additional guides.
By providing these details, we will be able to configure SecurIST to accept and process Bitdefender logs for your SIEM service.