Kaspersky Next XDR Expert
1.1.4 and earlier

Contents

Configuring receipt of Ideco UTM events

You can configure the receipt of Ideco UTM application events in KUMA via the Syslog protocol.

Configuring event receiving consists of the following steps:

  1. Configuring export of Ideco UTM events to KUMA.
  2. Creating a KUMA collector for receiving Ideco UTM.

    To receive Ideco UTM events, in the Collector Installation Wizard, at the Event parsing step, select the "[OOTB] Ideco UTM syslog" normalizer.

  3. Creating a KUMA collector for receiving Ideco UTM events.
  4. Verifying receipt of Ideco UTM events in KUMA.

    You can verify that the Ideco UTM event source server is correctly configured in the Searching for related events section of the KUMA console.

Page top
[Topic 264829]

Configuring export of Ideco UTM events to KUMA

To configure the sending of events from Ideco UTM to KUMA:

  1. Connect to the Ideco UTM web interface under a user account that has administrative privileges.
  2. In the System message forwarding menu, move the Syslog toggle switch to the enabled position.
  3. For the IP address setting, specify the IP address of the KUMA collector.
  4. For the Port setting, enter the port that the KUMA collector is listening on.
  5. Click Save to apply the changes.

The forwarding of Ideco UTM events to KUMA is configured.

Page top
[Topic 264830]