Adding CEF devices
Note: Ensure the Log360 Cloud agent is installed on at least one Windows device in your network. To configure the agent, follow the steps provided here.
- In the Log360 Cloud console, navigate to Settings -> Configuration Settings -> Log source configuration -> Applications -> Security Applications -> Add Security Applications
- Select CEF Format as the Add-on type.
- Expand the list by clicking the "+" icon to add a new device.
- Choose from the drop-down menu to add Configured devices, Workgroup devices, domain devices, etc.
- To add new devices manually, click on Configure Manually and enter the log source.
- Click on Select and Add to add the log source.
- Use the Select Agent drop-down to choose the agent device to which the logs will be forwarded.
- The applications will now be added for monitoring.
Adding Common Event Format (CEF) Devices
- Log in to the application or device that supports the CEF log format.
- Go to syslog server configuration.
- In the field for Log Format, select CEF Format.
- In the Syslog Server IP address field, enter the <IP address or host name of the Log360 Cloud Agent server>.
- Enter the syslog port <Any port that the Log360 Cloud agent server is listening to> and save the configuration.
- To add CEF devices to Log360 Cloud, click here.
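
To check that a device configured as above is really emitting well-formed CEF, a captured syslog line can be parsed before relying on it for monitoring. The Python below is an added example, not part of the Log360 Cloud product or its documentation; the sample line, vendor name and function names are constructed for illustration.

```python
import re

HEADER = ("version", "device_vendor", "device_product", "device_version",
          "signature_id", "name", "severity")
EXT_KEY = re.compile(r"(?:^|(?<=\s))(\w+)=")  # key at start or after whitespace

# Constructed sample: syslog prefix + CEF record with an escaped pipe and "=".
SAMPLE = (r"<134>Jan 12 10:15:02 fw01 CEF:0|ExampleVendor|Edge\|FW|1.0|100|"
          r"Login failed|5|src=10.0.0.5 suser=admin msg=bad password for uid\=0")

def split_header(body):
    """Return (header fields, extension text), honoring escaped pipes/backslashes."""
    parts, cur, i = [], [], 0
    while i < len(body) and len(parts) < 7:
        ch = body[i]
        if ch == "\\" and body[i + 1:i + 2] in ("\\", "|"):
            cur.append(body[i + 1])  # keep the escaped character literally
            i += 2
            continue
        if ch == "|":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if len(parts) < 7 and cur:  # record ended without a trailing pipe
        parts.append("".join(cur))
    return parts, body[i:]

def parse_cef(line):
    """Parse one received syslog line; raise ValueError if it is not valid CEF."""
    start = line.find("CEF:")
    if start == -1:
        raise ValueError("no 'CEF:' marker: log format on the device is not CEF")
    parts, ext = split_header(line[start + 4:])
    if len(parts) != 7:
        raise ValueError(f"expected 7 header fields, found {len(parts)}")
    if not parts[0].isdigit():
        raise ValueError(f"bad CEF version {parts[0]!r}")
    record = dict(zip(HEADER, parts))
    record["extension"] = {}
    hits = list(EXT_KEY.finditer(ext))
    for n, m in enumerate(hits):
        end = hits[n + 1].start() if n + 1 < len(hits) else len(ext)
        raw = ext[m.end():end].strip()
        record["extension"][m.group(1)] = re.sub(r"\\([=\\])", r"\1", raw)
    return record

if __name__ == "__main__":
    print(parse_cef(SAMPLE))
```

A `ValueError` here usually means the device's Log Format is still set to something other than CEF, or the record was truncated in transit.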