    Malwarebytes Reports

    EventLog Analyzer collects log data from Malwarebytes and presents it in the form of graphical reports. For the solution to start collecting this log data, the device has to be added as a threat source.

    Adding Malwarebytes as a threat source:

    To add Malwarebytes as a threat source, the syslog service has to be configured.

    1. Log in to the Management console of the Malwarebytes device.
    2. Navigate to the Admin pane and open the Syslog Settings tab.
    3. Click Change and tick the Enable Syslog check box.
    4. To export traffic monitoring logs to the EventLog Analyzer server, enter the following details in the space provided:
      • Address <EventLog Analyzer server IP address>
      • Port <513/514>
      • Protocol
      • Payload format <CEF>
    5. Click on OK to save.

    Malwarebytes Reports

    Once the threat source is added, EventLog Analyzer will start parsing the fields in the logs. This log data can now be viewed in the form of reports.

    1. In the EventLog Analyzer console, navigate to Settings > Configurations > Manage Threat Source > Add Source
    2. Click on Existing Host and select the device you added from the list of existing devices.
    3. Select the Addon Type from the list.
    4. Click on Add.
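
To check what the CEF payload configured above carries before relying on the reports, the following added example (not EventLog Analyzer or Malwarebytes code) parses one syslog line into its CEF header and extension fields, handling escaped pipes, equals signs and backslashes. The sample line, vendor name and field values are constructed for illustration; only the standard CEF header layout is assumed.

```python
import re

HEADER = ("version", "device_vendor", "device_product", "device_version",
          "signature_id", "name", "severity")
_KEY = re.compile(r"(?:^|\s)(\w+)=")   # extension key: word, then unescaped '='
_ESC = {"n": "\n", "r": "\r"}          # escapes that map to control characters

def _split_header(body):
    """Split off the 7 pipe-delimited header fields, honouring \\| and \\\\."""
    fields, cur, i = [], [], 0
    while i < len(body) and len(fields) < len(HEADER):
        c = body[i]
        if c == "\\" and body[i + 1:i + 2] in ("|", "\\"):
            cur.append(body[i + 1])    # keep the escaped character literally
            i += 2
            continue
        if c == "|":                   # unescaped pipe ends the current field
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(c)
        i += 1
    if len(fields) < len(HEADER):
        raise ValueError("truncated CEF header")
    return fields, body[i:]            # remainder is the extension

def parse_cef(line):
    """Parse one syslog line with a CEF payload into (header, extension) dicts."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF payload in line")
    fields, ext = _split_header(line[start + 4:])
    keys = list(_KEY.finditer(ext))
    extension = {}
    for m, nxt in zip(keys, keys[1:] + [None]):
        # A value runs until the whitespace before the next key (or end of line).
        raw = ext[m.end():nxt.start() if nxt else len(ext)]
        extension[m.group(1)] = re.sub(
            r"\\(.)", lambda e: _ESC.get(e.group(1), e.group(1)), raw)
    return dict(zip(HEADER, fields)), extension

# Constructed sample line (not real Malwarebytes output); all values are made up.
SAMPLE = (r"<134>Jan 12 10:15:02 mgmt-host CEF:0|ExampleVendor|Example\|Console|1.0|"
          r"100|Threat quarantined|7|src=192.0.2.10 dhost=WS-042 "
          r"msg=path\=C:\\Temp\\a.exe quarantined act=blocked")

if __name__ == "__main__":
    header, extension = parse_cef(SAMPLE)
    print(header)
    print(extension)
```
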

    The available reports are:
