About marking events for export to SIEM system in the Syslog format

17 June 2024

ID 151327

After enabling automatic export of events, you must mark which events will be exported to the external SIEM system.

You can configure export of events in the Syslog format to an external system based on one of the following conditions:

  • Marking general events. If you mark events to export in a policy, in the settings of an event, or in the Administration Server settings, the SIEM system will receive the marked events that occurred in all applications managed by the specific policy. If exported events were selected in the policy, you will not be able to redefine them for an individual application managed by this policy.
  • Marking events for a managed application. If you mark events to export for a managed application installed on a managed device, the SIEM system will receive only the events that occurred in this application.

See also:

Scenario: Configuring event export to SIEM systems

About events in Kaspersky Security Center Cloud Console

Marking events of a Kaspersky application for export in the Syslog format

Marking general events for export in Syslog format

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.