Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5258
Views
0
Helpful
4
Replies

Does Endpoint AMP send syslog event ?

peter.peng
Level 1
Level 1

‎11-05-2018 09:01 PM - edited ‎02-20-2020 09:06 PM

Hi Sir:

    Does Endpoint AMP send syslog event  or send the log by any methods ?

 

Labels:
0 Helpful
4 Replies 4

David Janulik
Cisco Employee
Cisco Employee

‎11-06-2018 03:02 AM

Hello,

 

AMP agent sends events to AMP console, for further details. The typical Syslog is not paired in any way with AMP agent. If Security Operation wants such output, need to use API. With REST API you are able to pull data, or run them regulary using e.g. cron jobs.

 

Hope that answers your question

 

David

Cyber security escalation engineer
0 Helpful

AlexPi
Level 1
Level 1

‎11-06-2018 04:04 AM

I think this is what you need: Overview of the Cisco AMP for Endpoints API

 

 

------------------------------------------------------------------
If this was helpful, please vote as helpful by clicking on the star icon below.
-------------------------------------
0 Helpful

jefburke
Cisco Employee
Cisco Employee

‎11-07-2018 11:28 AM

Hi Peter,


Neil and Evgeny have an Endpoint Security Ask The Expert thread going right now. It has a good focus on AMP. You should try posting this question and others there!

Here is the link: https://community.cisco.com/t5/advanced-threats/ask-the-expert-endpoint-security-the-daunting-challenges-of-the/td-p/3736946

I may not be able to help much, be he can!

0 Helpful

peter.peng
Level 1
Level 1
In response to jefburke

‎11-07-2018 06:21 PM

Hi Jefburke:

    OK, Thanks for your help.
0 Helpful
Customers Also Viewed These Support Documents