Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Syslog capabilities

Syslog capabilities

Status: Accepted Submitted by on ‎07-31-2017 12:35 PM

Hi,

as many companies, we also try to consolidate everything into a central system of some kind that can analyze logs and trigger alarms or extract metrics.

For these reasons it would be excellent to have syslog capabilities. Ideally with the possibility to use TCP on whatever port.

 

I'm confident other customers would profit from such a feature as well and that this has a very high value regarding security.

Let me know what you think.

 

Cheers,

Johannes.

Tags (1)
Comment
10 Comments
Sagar
Retired Employee
Retired Employee
‎07-31-2017 04:07 PM
‎07-31-2017 04:07 PM

Hi Johannes,

Thank you for writing to us with your suggestions. Would you mind supporting your suggestion with any particular example that you must have seen while you worked with your Egnyte account ? 

I ask just to get a better picture of your feature request. 

Regards

Sagar

Johannes Rothe1
Resident
‎08-01-2017 08:12 AM
‎08-01-2017 08:12 AM

Hi Sagar,

thanks for your reply.

As I said, to us it is mostly a matter of getting the logs into out centralized logging platform. The reports are nice, but it does not integrate with any kind of incident response process or SIEM, ITSM, you name it.

For that reason we'd like to have a standard way to retrieve logs. To be honest Syslog is not even my first choice. Something with SSL would be much nicer. Like ELKs Filebeat for example. Since that is not standard however I'd be okay with syslog.

I hope I haven't missed something. I did notice I'm only Power User in egnyte right now.

Cheers,

Johannes.

Gunnar Helliese1
Resident
‎08-15-2017 08:04 PM
‎08-15-2017 08:04 PM

Hi,

 

I very much second this, we also need Egnyte logs for SIEM for ourselves and our clients (we're an MSP). Syslog push or JSON pull, either way. What we need is everything from Informational to Critical, possibly with the addition of Debug when needed.

Thanks,
Gunnar

Sagar
Retired Employee
Retired Employee
‎08-16-2017 06:58 PM
‎08-16-2017 06:58 PM

Hello Gentlemen,

Thank you for your inputs. I will surely pass it on to the Product Team for review.

Regards

Sagar

Nick McLeod
Vigilante
‎12-07-2017 06:58 AM
‎12-07-2017 06:58 AM

A vote for this from us as well. Syslog capability would be fantastic for all companies where SIEMs are pretty much mandatory (healthcare, finance, etc).

Sagar
Retired Employee
Retired Employee
‎12-07-2017 04:47 PM
‎12-07-2017 04:47 PM

Thank you Nick. Your vote certainly adds weight to this feature request. 

Thanks.

JulieMullins
Retired Employee
Retired Employee
‎01-09-2019 01:44 PM
‎01-09-2019 01:44 PM
Status changed to: New
 
Ed Tseng1
Employee
Employee
‎02-28-2019 04:13 PM
‎02-28-2019 04:13 PM
Status changed to: Accepted

Thanks for the feedback Johannes.  We are considering some way to implement monitoring via SNMP.  Out of the box, we close any ports that are not known to the system.  Ideally, we'll be able to configure the SNMP ports and add functionality to intergrate with a monitoring service.

00depps
Deputy
‎08-28-2019 02:51 AM
‎08-28-2019 02:51 AM

syslog would still be required to enable for SEIM platforms to use data from Egnyte.

Dave Nish
Steward
‎01-02-2020 08:09 AM
‎01-02-2020 08:09 AM

Would this not be useful with Protect, to be able to ship syslog data to a cloud hosted SIEM/SOC type setup?

I'm sure it could be done by API. but if there was a marketplace or recipes for common connections and services, it would very beneficial

Resources
Fine Print
Need Help?

If you can't find what you're looking for, contact Egnyte Customer Support.