Sending alerts from Manager via syslog

Stephen

May 9, 2019, 4:18:35 AM
to Wazuh mailing list
Hi guys, is there a feature to send alerts from the Manager to a data collector via syslog format or SNMP?
Here is the logic flow: Agent -> Manager -> Syslog collector
I would like to send all the alerts from the Manager to a database via syslog/SNMP. 

Any suggestions? 

Thanks 
Steve 

Rafael Cenit

May 9, 2019, 4:33:06 AM
to Wazuh mailing list
Hi Stephen,

Yes, it is possible to do that; Wazuh can forward the alerts from the manager to a syslog server without problems.

Basically all you have to do is to configure a <syslog_output> configuration block on your Wazuh manager.

<syslog_output>
  <level>9</level>
  <server>YOUR_SYSLOG_IP</server>
</syslog_output>

Of course you can configure the alert level to a lower setting if you have to.

Best regards.
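A collector-side example for the flow asked about above (Manager -> syslog collector -> database), added here and not part of the thread or of Wazuh's own code. It assumes `<format>json</format>` is also set inside the `<syslog_output>` block, so that each UDP datagram is a syslog header followed by one JSON alert carrying `rule.level`, `rule.id`, `rule.description` and `agent.name`; the sample datagrams, the `alerts` table and all function names are constructed for illustration.

```python
import json
import socket
import sqlite3

# Constructed datagrams. Assumption: <format>json</format> is set in
# <syslog_output>, so each message is a syslog header plus one JSON alert.
SAMPLES = [
    b'<132>May  9 04:33:06 mgr ossec: {"rule":{"level":10,"id":"100001",'
    b'"description":"constructed alert"},"agent":{"id":"001","name":"web01"}}',
    b'<132>May  9 04:33:07 mgr ossec: {"rule":{"level":3,"id":"100002",'
    b'"description":"low level"},"agent":{"id":"002","name":"db01"}}',
    b'<132>May  9 04:33:08 mgr ossec: not json at all',
]

def parse_alert(datagram):
    """Return (level, rule_id, description, agent) or None if unparseable."""
    text = datagram.decode("utf-8", errors="replace")
    start = text.find("{")  # skip the syslog header
    if start < 0:
        return None
    try:
        alert = json.loads(text[start:])
        rule = alert["rule"]
        return (int(rule["level"]), str(rule["id"]),
                str(rule.get("description", "")),
                str(alert.get("agent", {}).get("name", "")))
    except (ValueError, KeyError, TypeError, AttributeError):
        return None

def ingest(conn, datagrams, min_level=9):  # min_level mirrors <level>
    conn.execute("CREATE TABLE IF NOT EXISTS alerts "
                 "(level INTEGER, rule_id TEXT, description TEXT, agent TEXT)")
    stored = rejected = 0
    for dgram in datagrams:
        row = parse_alert(dgram)
        if row is None:
            rejected += 1  # malformed or non-JSON message
        elif row[0] >= min_level:
            # Alert text comes from monitored logs: bind parameters, never format SQL.
            conn.execute("INSERT INTO alerts VALUES (?, ?, ?, ?)", row)
            stored += 1
    conn.commit()
    return stored, rejected

def serve(conn, port=514):  # 514/udp is the default syslog port
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("0.0.0.0", port))
    while True:
        ingest(conn, [sock.recvfrom(65535)[0]])
```

Syslog over UDP is unauthenticated and unencrypted, so restrict the listener to the manager's address with a firewall rule.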