You can configure the logging of traffic processing events, system events of the application, and KATA server file transfer events to an event log over the Syslog protocol (hereinafter also referred to as the "Syslog event log"). It allows importing events into a third-party SIEM system.
Information about events is recorded in a separate category of the log, as specified in Syslog settings. Information about each event is sent as a separate syslog message. The text of the syslog message corresponds to the event information displayed in the Events section of the application web interface.
The TCP protocol is recommended for remote logging of events over the Syslog protocol. Network ports used by the Syslog server must be open.