Help Document

Adding CEF devices

  • In the Log360 Cloud console, navigate to Settings -> Configuration Settings -> Log source configuration -> Applications -> Security Applications -> Add Security Applications
  • Adding SQL server
  • Select Add-on type as CEF Format
  • Expand the list by clicking the "+" icon to add a new device.
  • Choose from the drop-down menu to add Configured devices, Workgroup devices, domain devices, etc.
  • Adding SQL server
  • To add new devices manually, click on Configure Manually and enter Log Source
  • Adding SQL server
  • Click on Select and Add to add the log source.
  • Use the Select Agent dropdown to select the device that is the agent to which the logs will be forwarded.
  • The applications will now be added for monitoring.

Adding Common Event Format (CEF) Devices

  1. Login to the application or device which supports CEF log format.
  2. Go to syslog server configuration.
  3. In the field for Log Format, select CEF Format.
  4. In the Syslog Server IP address field, enter the <IP address or host name of the Log360 Cloud Agent server>.
  5. Enter the syslog port <default 514> and save the configuration.
  6. To add CEF devices to Log360 Cloud, click here.