For Windows log sources, Alert Logic Cloud Defender, Threat Manager, and Log Manager customers specify the log channels to collect in the Alert Logic® console at Configuration > Log Management > Policies > Windows Event Log. Individual event types cannot be selected or filtered out. By default, all log channels are collected.
If you are an Alert Logic Essentials, Professional, or Enterprise customer, click the menu icon > Configure > Log Management > Windows Event Log. Individual event types cannot be selected or filtered out. By default, all log channels are collected.
For syslog sources, there is no functionality for selecting or filtering specific events, facilities, or severity levels for collection. However, configuration-specific facilities and severity levels can be selected or filtered out. If you utilize configuration-specific facilities, only logs with specified facilities and severity levels will be sent to Alert Logic.