Moved from Buisness > Community Support > Security Information and Event Management > (Siem) > Discussions for better Assistance.
Consumer Products Moderator
1 of 1 people found this helpful
To send logs to the ELM, check the Logging box under each data source and associate it to the ELM pool. Syslog forwarding the logs to the ELM is not required and would not work. The Receiver sends logs to the ELM either when they reach 5 megs in size or are 4 hours old. Thanks.
thank you for the reply. it work now and sounds Nitro take over all control of the box, include iptables/firewall, the configuration changes such as 'write device/data source settings to receiver' will cause new rules are added to firewall by Nitro and block other boxes connecting Nitro. More, make sure your syslog server listen 'raw' syslog from Nitro on UDP.