Documentation forSecurity Event Manager

Set up a separate syslog server for use with SEM

You can monitor your switches, routers, and firewalls using a syslog server. This server collects and sends syslog messages from non-agent devices to the SEM Manager over TCP or UDP. SEM uses this information to monitor syslog events and displays them in the Live Events and Historical Events and Reports tabs, which you can access from the toolbar.

Each device is paired with a connector, enabling SEM to parse messages from the syslog server and normalize the log message content to a SEM event.

Consider deploying Kiwi Syslog Server (KSS) in your deployment to act as your syslog server. KSS provides an affordable on-premises solution to manage syslog messages, SNMP traps, and Windows event logs. Otherwise, select and use an existing syslog server in your organization.