8.6.1. Export data to a SIEM via the syslog protocol

8.6.1.1. Introduction

This procedure describes how to configure the connection to a SIEM via the syslog protocol.

Note

See the presentation Syslog servers.
See the presentation of the exported data described in the paragraph Data use.
The graphical interface of the data export function is described in `Admin-GCenter- Data exports` screen of the legacy web UI.

8.6.1.2. Prerequisites

User : member of Administrator group

8.6.1.3. Preliminary operations

Login to GCenter via a browser (see Connecting to the GCenter web interface via a web browser).

8.6.1.4. Procedure to access the `Data exports` window for an administrator account

In the navigation bar, click successively on:
- The `Admin` button
- The `Gcenter` sub menu
- The `Data exports` command
  
  The `Data exports` window is displayed.

8.6.1.5. Procédure to set the export settings

Click the `Configure` button (5) on one of the two connections (6 or 7) to be configured.

The `Syslog data export` window opens.

Enter the parameters of the three tabs:
- `GENERAL` (1)
- `FILTERS` (2)
- `ENCRYPTION` (3)

The list of items is detailed in `Admin-GCenter- Data exports` screen of the legacy web UI.

Validate using the `Save` button (9).
If necessary, set up the other connection (6 or 7).

8.6.1.6. Procedure to activate

../../_images/DATA_EXPORT-02.PNG

Use the `Enabled` selector (15) to enable export.
Validate using the `Save` button (9).