Darktrace
  • 1 Minute to read
  • Contributors
  • Dark
    Light
  • PDF

Darktrace

  • Dark
    Light
  • PDF

This article describes the steps to configure syslog forwarding for Darktrace.

Prerequisites

  • Configure Darktrace to send logs.
  • Ensure you are a Darktrace Administrator with access to the User Interface.

To configure syslog forwarding for Darktrace:

  1. Log in to the Darktrace interface.
  2. Expand the top left menu and select Admin. A second menu appears.
  3. Select the System Config page.

image.png

  1. In the Alerting section, click Verify Alert Settings.
  2. Set the following parameters:
      1. CEF Syslog Alerts as True.
    1. The syslog server to the IP address of the DNIF Adapter.
    2. Set a unique port.
    3. CEF Syslog TCP Alerts as True.

image.png

  1. Darktrace will automatically save your changes.
  2. In the Alerting section, click Verify Alert Settings.

image.png

  1. You will view 1 Alert Sent. IMAP settings are valid message, on validating.

Was this article helpful?

What's Next