Impelix IMPACT Integration
with Broadcom Symantec AV
The Impelix IMPACT platform ingests telemetry from your all your security products as well as third-party feeds (threat intelligence, cybersecurity risk, business resilience intelligence, etc.) and delivers event correlation, security control efficacy, and compliance monitoring.
We believe that the more data ingested into IMPACT, the more context you will have regarding security incidents, which will allow effective and efficient incident response and compliance management. Therefore, we encourage and facilitate connecting vendor products telemetry with Impelix IMPACT platform.
Broadcom Symantec AV
Symantec AV
To export log data to a Syslog server
- In the console, click Admin.
- Click Servers.
- Click the local site or remote site that you want to export log data from.
- Click Configure External Logging.
- On the General tab, in the Update Frequency list box, select how often to send the log data to the file.
- In the Master Logging Server list box, select the management server to send the logs to.
- Check Enable Transmission of Logs to a Syslog Server.
- Provide the following information:
- Syslog Server
Type the IP address of the Impelix IMPACT server - Destination Port
Use 514/tcp - Log Facility
Use 0
- Syslog Server
- On the Log Filter tab, check which logs to export.
- Click OK.
- Flip back over to the Impelix IMPACT “Search” interface and search for the IP address of the Symantec AV Server. An entry should be listed on the Syslog tab. Reference: https://support.symantec.com/en_US/article.HOWTO81169.html