How Can We Help?

Search for answers or browse our knowledge base.

Documentation | Demos | Support

< All Topics
Print

How to enable Syslog Logging for Symantec Data Loss Prevention

You have the option to send severe DLP system events to a syslog server. To do this you must modify the configManager.properties file.

Note: You can configure DLP to send email notifications of severe system events. For details, open the DLP online help and go to Administration > System > Alerts > Alerts Overview.

To enable syslog logging:

  1. Locate and open the configManager.properties file.
  2. Uncomment the following lines:
    • #systemevent.syslog.host=
    • #systemevent.syslog.port=
    • #systemevent.syslog.format= [{0.EN_US}] {1.EN_US} – {2.EN_US}
  3. Type values for each of these parameters, as follows:
    • host—syslog server host or IP address
    • port—syslog server port number (default is 514)
    • format—log file message format. Specify one or more of the following indicators:

{0.EN_US}—includes the name of the server on which the event occurred

{1.EN_US}—includes a brief summary of the event

Was this article helpful?
0 out of 5 stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Previous How to enable Finest level logging on DLP agents
Next How to export incidents in Symantec DLP
Table of Contents