As many companies, we also try to consolidate everything into a central system of some kind that can analyze logs and trigger alarms or extract metrics.
For these reasons it would be excellent to have syslog capabilities. Ideally with the possibility to use TCP on whatever port.
I'm confident other customers would profit from such a feature as well and that this has a very high value regarding security.
Let me know what you think.
Thank you for writing to us with your suggestions. Would you mind supporting your suggestion with any particular example that you must have seen while you worked with your Egnyte account?
I ask just to get a better picture of your feature request.
Thanks for your reply.
As I said, to us it is mostly a matter of getting the logs into our centralized logging platform. The reports are nice, but it does not integrate with any kind of incident response process or SIEM, ITSM, you name it.
For that reason we'd like to have a standard way to retrieve logs. To be honest, Syslog is not even my first choice. Something with SSL would be much nicer. Like ELK's Filebeat, for example. Since that is not standard, however, I'd be okay with syslog.
I hope I haven't missed something. I did notice I'm only a Power User in Egnyte right now.
I very much second this, we also need Egnyte logs for SIEM for ourselves and our clients (we're an MSP). Syslog push or JSON pull, either way. What we need is everything from Informational to Critical, possibly with the addition of Debug when needed.
Thank you for your inputs. I will surely pass it on to the Product Team for review.
A vote for this from us as well. Syslog capability would be fantastic for all companies where SIEMs are pretty much mandatory (healthcare, finance, etc).
Thank you Nick. Your vote certainly adds weight to this feature request.
Thanks for the feedback Johannes. We are considering some way to implement monitoring via SNMP. Out of the box, we close any ports that are not known to the system. Ideally, we'll be able to configure the SNMP ports and add functionality to integrate with a monitoring service.
Syslog would still be required to enable SIEM platforms to use data from Egnyte.
Would this not be useful with Protect, to be able to ship syslog data to a cloud hosted SIEM/SOC type setup? I'm sure it could be done by API, but if there was a marketplace or recipes for common connections and services, it would be very beneficial.