Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Stonesoft Management Center

    You can configure Stonesoft Management Center.

    1. Log in to the appliance that hosts your Stonesoft Management Center.
    2. Stop the Stonesoft Management Center Log Server.
    3. In Windows - Select one of the following methods to stop the Log Server:
      • Stop the Log Server in the Windows Services list.

      • Run the batch file <installation path>/bin/sgStopLogSrv.bat.

      In Linux - To stop the Log Server in Linux, run the script <installation path>/bin/sgStopLogSrv.sh

    4. Edit the LogServerConfiguration.txt file. The configuration file is located in the following directory:

      <installation path>/data/LogServerConfiguration.txt

    5. Configure the following parameters in the LogServerConfiguration.txt file:

      Table 1: Log Server Configuration Options

      Parameter

      Value

      Description

      SYSLOG_EXPORT_FORMAT

      LEEF

      Type LEEF as the export format to use for syslog.

      SYSLOG_EXPORT_ALERT

      <YES | NO>

      Type one of the following values:

      • tableBullets

      SYSLOG_EXPORT_FW

      <YES | NO>

      Type one of the following values:

      • Yes - Exports alert entries to JSA using syslog.

      • No - Alert entries are not exported using syslog.

      SYSLOG_EXPORT_IPS

      <YES | NO>

      Type one of the following values:

      • Yes - Exports firewall and VPN entries to JSA using syslog.

      • No - Firewall and VPN entries are not exported by using syslog.

      SYSLOG_PORT

      514

      Type 514 as the UDP port for forwarding syslog events to JSA.

      SYSLOG_SERVER_ADDRESS

      JSA IPv4 Address

      Type the IPv4 address of your JSA console or Event Collector.

    6. Save the LogServerConfiguration.txt file.
    7. Start the Log Server:
      • Windows - Type <installation path>/bin/sgStartLogSrv.bat.

      • Linux - Type <installation path>/bin/sgStartLogSrv.sh.

    You are now ready to configure a traffic rule for syslog.

    Note: A firewall rule is only required if your JSA console or Event Collector is separated by a firewall from the Stonesoft Management Server. If no firewall exists between the Management Server and JSA, you need to configure the log source in JSA.

    Modified: 2016-10-12