Hi,
due to compliance reasons our company has to log all security relevant events in central SIEM systems.
After configuring the LogManager Settings in goanywhere services (currently 3.4.2) it seems that only the "Remarks" column gets sent over the Syslog connection.
Pattern: Date GAServerName Identifier RemarksColumn
This is not sufficient for us - only the "Remarks" column doesn't bring up any context for correlation and log analysis.
Which settings we have to configure to also get the Remote IP Adresses, Usernames, Ports, Physical Pathes, and FileSizes in the Syslog Messages?
Thanks In advance
mle
Syslog Support in GA Services
Post any question you may have in regards to GoAnywhere Services and let our talented support staff and other users assist you.
Re: Syslog Support in GA Services
I am using version 5.1.3 and I would like the same information to go to our SIEMS. What settings need to be made in GoAnywhere Services to make this happen.
Thank you,
Ed
Thank you,
Ed
Re: Syslog Support in GA Services
Same thing here. I enabled syslog and have a bout load of "restricted IP Address" messages being logged, but it doesn't give the IP.
@Linoma - any ideas on how to get usable info in the syslog message?
@Linoma - any ideas on how to get usable info in the syslog message?
- Support_Rick Offline
- Support Specialist
- Posts: 590
- Joined: Tue Jul 17, 2012 2:12 pm
- Location: Phoenix, AZ
- Contact:
Re: Syslog Support in GA Services
GAMFT Version 5.3 had some syslog enhancements that should address this:
> Enhanced the Syslog capabilities to support Structured Data, including the ability to specify what audit information gets sent to the Syslog server.
> Enhanced the Syslog capabilities to support Structured Data, including the ability to specify what audit information gets sent to the Syslog server.
Rick Elliott
Lead Solutions Consultant
(402) 944.4242
(800) 949-4696
Lead Solutions Consultant
(402) 944.4242
(800) 949-4696