Services
The services area of the Signum Admin Web Console gives the administrator the option for configuring external logging services for the Signum Event Logs. This will send Two methods are supported, Syslog and Splunk.
SysLog
Setting | Description |
---|---|
SysLog | Enable to activate SysLog exports. |
Protocol | The Communication protocol to use TCP/UDP. |
Server | The SysLog Server URL. |
Port | Optional Port configuration. |
TLS | Enable to use TLS. |
TLS Certificate | The TLS certificate of the SysLog server |
Splunk - HTTP Event Collector
This setting will configure Signum to send Event Log data to a configured Splunk server using their Event Collector framework.
The Signum Server must be running version 4.20 or later before enabling this feature
Setting | Description |
---|---|
Splunk | Enable to activate sending the logs to Splunk |
TLS Certificate | Choose wether Signum must validate the Splunk server certificate. Keyfactor Support can help add your private CA certificate to Signum if your Splunk server is using one. |
Splunk HEC URL | The URL of your Splunk HTTP Event Collector. To make sure the URL is configured properly please see https://docs.splunk.com/Documentation/Splunk/9.3.1/Data/UsetheHTTPEventCollector#Configure_HTTP_Event_Collector_on_Splunk_Cloud_Platform The An example of a URL from a trial Splunk instance may look like
CODE
|
Splunk HEC Token | The HEC Access token from Splunk. |