Section 5 User activity logging
5.1 Activity logging ACTIVLOG
ACTIVLOG contains all settings for activity logging.
Syslog events can be sent to up to 6 external log servers. Each server can be
configured with an IP address, an IP port number and a protocol format. The format can be
either syslog (RFC 5424) or Common Event Format (CEF) from ArcSight.
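An added example, not part of the original guideline or of any vendor tooling: a Python check over the ACTIVLOG external log server settings named in Table 6. The dict layout, the IPv4-only address parsing and the wording of the findings are assumptions of this example, and the sample values are constructed.

```python
import ipaddress

# Type values, port range and defaults are taken from Table 6.
# Holding the settings in a dict keyed by setting name is an assumption.
TYPES = {"Off", "SYSLOG UDP/IP", "SYSLOG TCP/IP", "CEF TCP/IP"}

def audit_activlog(settings, servers=range(1, 7)):
    """Return (setting, finding) pairs for the six external log servers."""
    findings, enabled = [], 0
    for n in servers:
        t_key, p_key, ip_key = (f"ExtLogSrv{n}{s}" for s in ("Type", "Port", "IP"))
        srv_type = settings.get(t_key, "Off")       # table default
        port = settings.get(p_key, 514)             # table default
        ip = settings.get(ip_key, "127.0.0.1")      # table default
        if srv_type not in TYPES:
            findings.append((t_key, f"unknown type {srv_type!r}"))
            continue
        if srv_type == "Off":
            continue                                # disabled slot, nothing to check
        enabled += 1
        if not isinstance(port, int) or not 1 <= port <= 65535:
            findings.append((p_key, f"port {port!r} outside 1 - 65535"))
        try:
            addr = ipaddress.IPv4Address(str(ip))   # assumption: IPv4 only
        except ValueError:
            findings.append((ip_key, f"invalid IPv4 address {ip!r}"))
        else:
            if addr.is_loopback:
                findings.append((ip_key, "enabled but address is still loopback"))
        if srv_type == "SYSLOG UDP/IP":
            findings.append((t_key, "UDP transport: delivery is not acknowledged"))
    if enabled == 0:
        findings.append(("ACTIVLOG", "no external log server enabled"))
    return findings

# Constructed sample configuration (not exported from a real device).
SAMPLE = {
    "ExtLogSrv1Type": "SYSLOG UDP/IP", "ExtLogSrv1Port": 514, "ExtLogSrv1IP": "127.0.0.1",
    "ExtLogSrv2Type": "CEF TCP/IP", "ExtLogSrv2Port": 6514, "ExtLogSrv2IP": "192.0.2.10",
    "ExtLogSrv3Type": "SYSLOG TCP/IP", "ExtLogSrv3Port": 70000, "ExtLogSrv3IP": "192.0.2.300",
}

if __name__ == "__main__":
    for key, msg in audit_activlog(SAMPLE):
        print(f"{key}: {msg}")
```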
Table 6: ACTIVLOG Non group settings (basic)
| Name | Values (Range) | Unit | Step | Default | Description |
|---|---|---|---|---|---|
| ExtLogSrv1Type | Off, SYSLOG UDP/IP, SYSLOG TCP/IP, CEF TCP/IP | - | - | Off | External log server 1 type |
| ExtLogSrv1Port | 1 - 65535 | - | 1 | 514 | External log server 1 port number |
| ExtLogSrv1IP | 0 - 18 | IP Address | 1 | 127.0.0.1 | External log server 1 IP-address |
| ExtLogSrv2Type | Off, SYSLOG UDP/IP, SYSLOG TCP/IP, CEF TCP/IP | - | - | Off | External log server 2 type |
| ExtLogSrv2Port | 1 - 65535 | - | 1 | 514 | External log server 2 port number |
| ExtLogSrv2IP | 0 - 18 | IP Address | 1 | 127.0.0.1 | External log server 2 IP-address |
| ExtLogSrv3Type | Off, SYSLOG UDP/IP, SYSLOG TCP/IP, CEF TCP/IP | - | - | Off | External log server 3 type |
| ExtLogSrv3Port | 1 - 65535 | - | 1 | 514 | External log server 3 port number |
| ExtLogSrv3IP | 0 - 18 | IP Address | 1 | 127.0.0.1 | External log server 3 IP-address |
| ExtLogSrv4Type | Off, SYSLOG UDP/IP, SYSLOG TCP/IP, CEF TCP/IP | - | - | Off | External log server 4 type |
| ExtLogSrv4Port | 1 - 65535 | - | 1 | 514 | External log server 4 port number |
| ExtLogSrv4IP | 0 - 18 | IP Address | 1 | 127.0.0.1 | External log server 4 IP-address |
| ExtLogSrv5Type | Off, SYSLOG UDP/IP, SYSLOG TCP/IP, CEF TCP/IP | - | - | Off | External log server 5 type |
| ExtLogSrv5Port | 1 - 65535 | - | 1 | 514 | External log server 5 port number |
Table continues on next page
1MRK 511 454-UEN A Section 5
User activity logging
GMS600 1.3 31
Cyber security deployment guideline