McAfee Webgateway - send VRRP events to Syslog Server
Hi, is it possible to sent vrrp events to a remote syslog server (splunk)? Right now we are not aware of any vrrp changes if we do not check the system/messages log.. Would it be possible to send the content of the "messages" file via syslog?
Re: McAfee Webgateway - send VRRP events to Syslog Server
Hi Jon, sorry for the delayed answer.. I configured daemon.info @splunkIP:514 but still do not get any logs into the siem furthermore I found this entry in message log: kernel: Kernel logging (proc) stopped.
If I configure *.* @splunkIP , wouldn't the proxy send all kind of logs to the siem?