SIEM Log Configuration
To set the log configuration:
- Navigate to SIEM > SIEM Configuration.
- Select the Log Type and the Maximum Record Limit, then save.

The log types are described below. Sample log packages sent for each type can be found in the sections below.
Log Type | Description |
---|---|
AuthLog | This log file contains the authentication logs of Single Connect users. When a user logs in to or out of the system, an authentication log is sent to the SIEM server. |
CommandLog_All | This log file contains all command, file transfer, key log, and OCR data recorded during sessions. |
CommandLog_FileTransfer | This log file contains information about files transferred during an RDP session. |
CommandLog_KeyLog | This log file contains the key log of RDP sessions. The key log contains mouse clicks and keyboard inputs made during an RDP session. |
CommandLog_Ocr | This log file contains the OCR data recorded during an RDP session. |
EventLog | This log file contains user events in WebGUI sessions. When a user adds, edits, or deletes an item (user, device, realm, parameter, etc.), a log of the operation is sent to the SIEM server. |
SessionLog | This log file contains session information such as the target IP address, start/end time, etc. |
TacacsLog | This log file contains information about connections to TACACS devices. |