Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

About Sending Syslog Data to Skyhigh Security Manager

  1. Last updated
  2. Save as PDF

Data that is logged on Web Gateway in syslog log files can be sent to Skyhigh Security Security Manager (Trellix ESM).

The data transfer is controlled by a rule in a rule set that is available in the online rule set library for Web Gateway. The component of Trellix ESM that the data is sent to is the Skyhigh Security SIEM Receiver.

To enable the transfer, you adapt a system file for remote use of syslog data on Web Gateway. The name of this system file is rsyslog (the r in the file name stands for remote). You must also configure the Skyhigh Security SIEM Receiver to let Web Gateway be included as a data source in the Trellix ESM environment.

Version 9.3.2 or a later version of Trellix ESM is required for the data transfer to work.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. Web Gateway