Remaining 30% to Complete

Event Log Manager

We have configured ELM to archive data logs received in four distinct index locations.

Here are the index names we have chosen:

  1. network – for all data logs received on port 514 (e.x. Switches, UPS, SAN, Unix Servers, etc).
  2. fortigate – for all data logs received on port 513 (works with FortiGate, Cisco and SonicWall).
  3. winlogbeat – for all data logs received on port 5044 (works with all Windows systems).
  4. meru – for all data logs received on port 517 (works with Meru WiFi devices).

If the indexes do not appear, this means that no data is being received on the corresponding port for the index. In this case, please review the document on how to configure your devices to send logs to BLËSK.

 

Suggest Edit