Question

Integrating the logs from Kaspersky

  • 16 August 2022

We need to send the Kaspersky logs into Logpoint. We have configured Kaspersky to send events to the Logpoint machine through syslog port 514 and the protocol is UDP, but it does not send the logs. Need help.


2 replies

@Nils Krumey  maybe you can chip in here :)


I don’t think I have worked directly with a customer that is using Kaspersky, but from all the documentation I can find, Kaspersky should be able to send straightforward Syslog traffic.

If there is no data coming in, the first thing I would suggest is to remove the device from within Logpoint, and then go to Devices → “Add Bulk Devices” → “Detect Blocked Device” and see whether the Kaspersky device is showing up there. If it isn’t, then the Syslog traffic isn’t even hitting the Logpoint box.

If it does show up there, and when configured there is still no log data, then there is something else going on - there could be issues with timezones etc., or configuration on the source. That is probably best investigated through Support.

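The reply's first question, whether UDP syslog traffic reaches the collector at all, can also be checked outside the product. The following is an added example, not part of the original thread and not a Logpoint or Kaspersky tool; all function names are hypothetical and the test event is constructed. It sends one syslog datagram, receives it, and reports the source IP plus the decoded facility and severity.

```python
import re
import socket

# Syslog PRI header: <N> followed by the rest of the message, N = facility*8 + severity.
PRI_RE = re.compile(rb"^<(\d{1,3})>(.*)$", re.DOTALL)
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def parse_syslog(datagram: bytes) -> dict:
    """Split a syslog datagram into facility, severity and message text."""
    m = PRI_RE.match(datagram)
    if not m or int(m.group(1)) > 191:
        # No valid PRI: something reached the port, but it is not syslog.
        return {"valid": False, "raw": datagram.decode("utf-8", "replace")}
    pri = int(m.group(1))
    return {
        "valid": True,
        "facility": pri >> 3,
        "severity": SEVERITIES[pri & 7],
        "message": m.group(2).decode("utf-8", "replace").strip(),
    }


def send_test_message(host: str, port: int, text: str, pri: int = 14) -> None:
    """Send one UDP syslog datagram (PRI 14 = facility user, severity info)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(f"<{pri}>{text}".encode(), (host, port))


def receive_one(sock: socket.socket, timeout: float = 5.0):
    """Wait for one datagram; return (source_ip, parsed) or None on timeout."""
    sock.settimeout(timeout)
    try:
        data, (src_ip, _src_port) = sock.recvfrom(65535)
    except socket.timeout:
        # UDP gives the sender no error, so silence here is the only signal.
        return None
    return src_ip, parse_syslog(data)


def loopback_check(text: str = "constructed test event"):
    """Self-test on an ephemeral local port (no need for privileged port 514)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx:
        rx.bind(("127.0.0.1", 0))
        send_test_message("127.0.0.1", rx.getsockname()[1], text)
        return receive_one(rx)


if __name__ == "__main__":
    print(loopback_check())
```

Calling `send_test_message` from the sending network segment with the collector's address and port 514 exercises the same path the Kaspersky events take; because UDP is connectionless, the sender sees no error when a firewall drops the packet, so delivery has to be confirmed on the receiving side.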