Support

Support for business applications

Kaspersky XDR Expert

Managing Kaspersky Unified Monitoring and Analysis Platform

Administrator's guide

Configuring event sources

Configuring receipt of IVK Kolchuga-K events

Configuring export of IVK Kolchuga-K events to KUMA

Kaspersky Next XDR Expert
Online Help
FAQ Forum Contact support Recovery tools

Configuring export of IVK Kolchuga-K events to KUMA

May 15, 2024

ID 264825

Get as PDF

To configure the export of events of the IVK Kolchuga-K firewall via syslog to the KUMA collector:

  1. Connect to the firewall over SSH with administrator rights.
  2. Create a backup copy of the /etc/services and /etc/syslog.conf files.
  3. In the /etc/syslog.conf configuration file, specify the FQDN or IP address of the KUMA collector. For example:

    *.* @kuma.example.com

    or

    *.* @192.168.0.100

    Save changes to the configuration file /etc/syslog.conf.

  4. In the /etc/services configuration file, specify the port and protocol used by the KUMA collector. For example:

    syslog 10514/udp

    Save changes to the /etc/services configuration file.

  5. Restart the syslog server of the firewall:

    service syslogd restart

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.