

Jun 11 12:24:38 SymantecServer sjdevswinapp05: Site: Site sjdevswinapp05,Server: sjdevswinapp05,Domain: Default,Admin: admin,Administrator log on failed Go to Admin> Configure External Logging > Servers > Log Filter.For Syslog Server, enter the IP address of the FortiSIEM virtual appliance.Ĭonfiguring the Types of Logs to Send to FortiSIEM.Select Enable Transmission of Logs to a Syslog Server.Go to Admin> Configure External Logging > Servers > General.Log in to Symantec Endpoint Protection Manager.Symantec Endpoint Protection Configuration SyslogįortiSIEM processes events from this device via syslogs sent by the device.Ĭonfiguring Log Transmission to FortiSIEM In ADMIN > Device Support > Event, search for "symantec endpoint" in the Device Type and Description columns to see the event types associated with this device. Symantec Endpoint Protection Configuration.
