Description |
This article describes the further steps required in FortiSIEM Supervisor/Collector in order to integrate properly with BlueCoat web proxy.
Refer to the doc below for the basic configurations required: |
Scope |
FortiSIEM 5.4 and below |
Solution |
1) Log in to the supervisor or the collector node as root.
2) Set 'incoming_log_cfg=/opt/phoenix/cache/bluecoat' in 'phoenix_config.txt'.
> vi /opt/phoenix/config/phoenix_config.txt
> vi /etc/snare/epilog/epilog.conf
|
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Inappropriate Content
Hi,
Do note that Epilog Snare was earlier a free product and now it has to be purchased.
So by default you wouldn't be finding it on recent Linux Distributions.
Regards,
Prem Chander R