Manualshelf

User's Guide

ManualsBrandsMojo Networks ManualsElectronicsAccess Point / Sensor
141142143144145146147148149150
AirTight Management Console User Guide
138
Edit Syslog Server
To edit syslog server settings for a syslog server, do the following.
1.
Go to Configuration>ESM Integration>Syslog Integration.
2. Click the Syslog server IP address and port hyperlink in the list of Syslog servers.
3. Make the necessary changes.
4. Click OK to save the changes.
Delete a Syslog Server
You can delete a syslog server from the list of syslog servers, Once deleted from the list, the entries will
not be sent to this server.
To delete a syslog server, do the following.
1.
Go to Configuration>ESM Integration>Syslog Integration.
2. Click the Delete hyperlink for the Syslog server to delete the Syslog server.
Copy Syslog Server Settings to Another Server
You can copy the Syslog server settings from one server to another server when both servers are part of
the same server cluster. You can copy syslog server settings from child server to child server, parent
server to child server, or child server to parent server. You must be a superuser or an administrator to
copy policies from one server to another.
To copy syslog server settings, do the following.
1.
Go to Configuration>ESM Integration>Syslog Integration on the parent server.
2. Click Copy Policy. The Copy Policies dialog box appears.
3. Select the server from which the syslog server settings are to be copied.
4. Select the server to which the syslog server settings are to be copied.
5. Click OK to copy the syslog server settings,
Arcsight Integration
Go to Configuration>ESM Integration>Arcsight Integration to configure the integration settings for
communication with Arcsight server
AirTight Management Console integrates with ArcSight’s Enterprise Security Management (ESM)
infrastructure by sending events to the designated ArcSight server. The ArcSight server is configured to
accept syslog messages having detailed event information in ArcSight’s Common Event Format (CEF).
The system needs the IP Address or the hostname and the port on which the ArcSight server receives
events. You can add more than one Arcsight servers to receive events from AirTight Management
Console. Apart from events, you can also send audit logs from AirTight Management Console to an
Arcsight server. Refer to the following figure for a graphical representation of Arcsight integration.