Configure a syslog server to send logs to Arctic Wolf
You can configure your syslog server to send the necessary logs to Arctic Wolf®.
Note: This is a generic configuration. Only use this configuration if your product is not listed on Syslog Integrations.
Arctic Wolf supports raw log ingestion for syslog integrations, but we do not currently provide security monitoring for all log types. For example, non-RFC logs.
These resources are required:
- An activated Capteur Arctic Wolf or Collecteur de journaux virtuel (vLC)
- TLS version 1.2
Note: Arctic Wolf supports TLS version 1.2 for encrypted syslog data sent to the Capteur Arctic Wolf. If your log source requires older cipher suites, contact your Concierge Security® Team (CST) to discuss an exception.
- A certificate, if you are configuring encryption for syslog forwarding. Contact your CST for more information.
- A syslog server