Syslog Integration

  • 1 minute(s) read
Prev Next

Trustifi has a built-in Integration with Syslog as an SIEM system which can be used to automatically send different types of data and events from your Trustifi dashboard to your Syslog instance. The integration can automatically send these types of data:

  1. Newly created entries in your inbound quarantined emails in Trustifi

  2. “Account Takeover Protection” incidents

  3. Any newly created audit logs from your Trustifi dashboard

To connect the integration between Trustifi and your Syslog instance, follow the simple steps below:

Step 1 - Navigate to the Syslog Integration Window

The Syslog integration section can be found in either the Inbound Integrations or Outbound Integrations pages in the Trustifi dashboard.

When you are in the “Integrations” page, find the Syslog section and click on it to open the connection pop-up.

Step 2 - Open the Connection Credentials Section

In the “Syslog Integration” pop-up, you will see a general description of how the integration works, as well as the current connection status (initially should be “Disconnected”).
Click on the “Connect” button to open the connection credentials section.

After the connection has been established for this integration (in the next step), you can go back to this screen to use the “Verify connection” option to send a test log from Trustifi to your Syslog instance.

Step 3 - Entering Connection Credentials and Connecting

In the next window you will need to enter 3 inputs to establish the connection between Trustifi and your Syslog instance:

  1. Host: your specific Syslog endpoint to which logs will be sent from Trustifi

  2. Port: which specific port will be open in your Syslog instance to receive logs from Trustifi

  3. Protocol: the specific protocol supported by your Syslog instance (usually TCP)

Once all inputs have been correctly added, you can click on the “Connect” button to establish the connection.

This connection process only needs to be done once, after the connection has been established Trustifi will continue to send logs to your Syslog instance continuously.

Step 4 - Verifying the Connection

After entering the inputs and connecting in the previous step, you will be returned to the previously seen pop-up window.

In this window, verify the connection status has changed to “Connected”.