Configuring the Syslog Service on FireEye devices

1. Login to the FireEye device as an administrator.
2. Navigate to Settings > Notifications, select rsyslog and the Event type.
3. Click Add Rsyslog Server.
4. In the dialog box that opens, enter the EventLog Analyzer server IP address in the given field. Choose UDP as the protocol and the format as CEF (default).
5. Click Save.