cancel
Showing results for 
Search instead for 
Did you mean: 

Graylog2 as syslog relay

Jump to solution

Hello guys,

I have got Graylog2 server which is going to resend pre-selected logs from many log sources McAfee Event Receiver.

Problem is that I do not have any idea how to setup in on McAfee site.

Shall I add each log source seperatly and select syslog relay option?

Shall I add Relay Server first as a log source and then somehow add log sources which are sending data to this Relay server?

Can you help me with it, pls?

1 Solution

Accepted Solutions

Re: Graylog2 as syslog relay

Jump to solution

Hi,

Hope this helps. This scenario is for Splunk but same can be applicable for other syslog servers forwarding syslog data to McAfee SIEM.

Regards,

Vinaya

7 Replies

Re: Graylog2 as syslog relay

Jump to solution

Hi,

Hope this helps. This scenario is for Splunk but same can be applicable for other syslog servers forwarding syslog data to McAfee SIEM.

Regards,

Vinaya

Re: Graylog2 as syslog relay

Jump to solution

Many thx for this document

Take Care

Michał

rth67
Level 12
Report Inappropriate Content
Message 4 of 8

Re: Graylog2 as syslog relay

Jump to solution

Did you set the individual data sources up as Child objects or Clients of the Forwarder?

Highlighted

Re: Graylog2 as syslog relay

Jump to solution

Hi,

Can't remember it was year ago. Sorry

minki
Level 9
Report Inappropriate Content
Message 6 of 8

Re: Graylog2 as syslog relay

Jump to solution

Hi Vinaya, I hope you are still active on this forum.

I was following the document shared by you but didn't find "syslog" data source under " Data Source Vendor". Is this option no more available in new releases.I am using 9.6.x.Please suggest.

McAfee Employee andy777
McAfee Employee
Report Inappropriate Content
Message 7 of 8

Re: Graylog2 as syslog relay

Jump to solution

"Syslog" was changed to "Generic". Please use that.

minki
Level 9
Report Inappropriate Content
Message 8 of 8

Re: Graylog2 as syslog relay

Jump to solution

Much Thanks Andy

Cheers!

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community