search

Syslog sending to Kafka

To configure browse to Settings - Notifications - Kafka

Enter the destination IP or DNS name and port of Kafka bootstrap server(s)

  • Kafka has one (or more) designated bootstrap servers that will initiate the connection

  • Format is destination:port

  • Multiple bootstrap brokers may be entered in this box

Select a protocol:

  • SSL

  • TCP

Upload your CA Certificate, Client Certificate and Client key (all required)

  • CA certificate

    • Must be in unencrypted PEM, x.509 format

  • Client Certificate

    • Must be in unencrypted PEM, x.509 format

    • Must be signed by CA certificate

  • Client Key

    • Must be in unencrypted PEM, x.509 format

    • Must match Client Certificate

Select a Log Topic type:

  • Common topic for all log types

    • Must specify a topic name

    • No spaces or special characters allowed

  • Unique topic name each log type

Select a Format:

  • Standard

  • CEF

Select any combination of Log Types:

  • Campaigns

  • Detections

  • Hosts

  • Audit logs

  • System health

Click Save

Wait approximately one minute for internal services to start up.

Click Test icon at far right of Kakfa table row.

A test message for every configured log type will be sent to the destination should now be visible in your Kakfa consumer.

PreviousSyslog guide (QUX)NextSyslog and Kafka message size limits (QUX)

Last updated

Was this helpful?