How Can We Help?

Search for answers or browse our knowledge base.

Documentation | Demos | Support

< All Topics
Print

How to enable Syslog Logging for Symantec Data Loss Prevention

You have the option to send severe DLP system events to a syslog server. To do this you must modify the configManager.properties file.

Note: You can configure DLP to send email notifications of severe system events. For details, open the DLP online help and go to Administration > System > Alerts > Alerts Overview.

To enable syslog logging:

  1. Locate and open the configManager.properties file.
  2. Uncomment the following lines:
    • #systemevent.syslog.host=
    • #systemevent.syslog.port=
    • #systemevent.syslog.format= [{0.EN_US}] {1.EN_US} – {2.EN_US}
  3. Type values for each of these parameters, as follows:
    • host—syslog server host or IP address
    • port—syslog server port number (default is 514)
    • format—log file message format. Specify one or more of the following indicators:

{0.EN_US}—includes the name of the server on which the event occurred

{1.EN_US}—includes a brief summary of the event

Was this article helpful?
0 out of 5 stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Table of Contents