Channel: THWACK: Popular Discussions - Security Event Manager (SEM) - Formerly Log & Event Manager

Configure LEM as a SYSLOG Server


Hi,

I am currently configuring LEM to monitor a small industrial network (containing 12 devices).

Firstly, can someone please confirm that LEM is capable of receiving SYSLOG data?

If so, is this a generic acceptance or does the device have to be configured as an "Appliance -> Tool"?

I am trying to receive SYSLOG entries from 2 firewalls (Hirschmann Eagle 20 Tofino firewalls).

These firewalls allow me to set a SYSLOG server address, Source Port and Destination Port (the latter two both set as 514), along with a choice of UDP, TCP & TLS.

I have previously had to perform a sensor tool upgrade to be able to get information from a similar firewall (Hirschmann Eagle 20 firewall). Do I need to get a new tool update?

I've attached the XML file used to update the LEM for the previous firewall; this is still installed but does not function with the new firewalls.

Lastly, I have confirmed that the firewall SYSLOG functionality performs correctly by using a trial version on Kiwi, which displayed the entries with no problems.

Any help or information is much appreciated.

Thanks for reading,

Lewis

