Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1791
Views
5
Helpful
1
Replies

stealthwatch audit log forwarding

Go to solution
jitendrac
Level 1
Level 1

‎02-01-2022 07:18 AM

What is the difference between audit log destination on SMC appliance admin page and by adding syslog server using desktop client because we can see that using appliance administration interface syslog forwarding is compulsory over TLS. We need to add Syslog SSL/TLS certificate on appliance Trust Store before configuring the Audit Log Destination.

Where as in Desktop Client we can create an action and add plain text syslog server 

Is there any difference in audit logs that are being sent from SMC Appliance Admin Interface and Using SMC Desktop Client ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Aref Alsouqi
VIP
VIP

‎02-01-2022 09:15 AM

I think the difference is that from the Desktop Client you can only configure the external Syslog servers for the normal Syslog logs, not the audit logs. However, if you want to enable the audit logs which are related to the to be sent to an external Syslog server then you have to enable a Syslog over TLS destination server.

View solution in original post

1 Reply 1

Go to solution
Aref Alsouqi
VIP
VIP

‎02-01-2022 09:15 AM

I think the difference is that from the Desktop Client you can only configure the external Syslog servers for the normal Syslog logs, not the audit logs. However, if you want to enable the audit logs which are related to the to be sent to an external Syslog server then you have to enable a Syslog over TLS destination server.

Customers Also Viewed These Support Documents