Configuring DSMs
384
W
EBSENSE
V-S
ERIES
To configure SIEM to receive events from a Websense V-Series appliance:
From the
Log Source Type
drop-down list box, select
Websense V Series
.
For more information on configuring log sources, see the
Log Sources User Guide
.
For more information on configuring your Websense V-Series appliance, consult
your vendor documentation.
Websense V-Series
Content Gateway
The SIEM Websense V-Series Content Gateway DSM supports event for web
content on Websense V-Series appliances with the Content Gateway software.
The SIEM Websense V-Series Content Gateway DSM accepts events using
syslog to stream events or using the log file protocol to provide events to SIEM.
Before you can integrate SIEM, you must select one of the following configuration
methods:
•
To configure syslog for your Websense V-Series, see
Configuring Syslog for the
Websense V-Series Content Gateway
.
•
To configure the log file protocol for your Websense V-Series, see
Configuring
Log File Protocol for the Websense V-Series Content Gateway
.
Configuring Syslog
for the Websense
V-Series Content
Gateway
The Websense V-Series DSM supports Websense V-Series appliances running
the Websense Content Gateway on Linux software installations. Before
configuring SIEM, you must configure the Websense Content Gateway to provide
LEEF formatted syslog events.
To configure your Websense V-Series Content Gateway:
1 Configure the Management Console. For more information, see
Configuring the
Management Console
.
2 Enable event logging. For more information, see
Enabling Event Logging
.
Configuring the Management Console
To configure event logging in the Content Gateway Manager:
Step 1
Log into your Websense Content Gateway Manager.
Step 1
Click the
Configure
tab.
Step 2
Select
Subsystems > Logging
.
The General Logging Configuration window is displayed.
Step 3
Select
Log Transactions and Errors
.
Step 4
Select
Log Directory
to specify the directory path of the stored event log files.
The directory you define must already exist and the Websense user must have
read and write permissions for the specified directory. The default directory is
/opt/WGC/logs
Step 5
Click
Apply
.
Summary of Contents for Security Information and Event Manager
Page 2: ......
Page 8: ......
Page 20: ......
Page 22: ......
Page 24: ......
Page 26: ......
Page 32: ......
Page 34: ......
Page 36: ......
Page 38: ......
Page 44: ......
Page 58: ......
Page 90: ......
Page 92: ......
Page 94: ......
Page 114: ......
Page 116: ......
Page 122: ......
Page 124: ......
Page 126: ...Configuring DSMs 110 FIREEYE...
Page 128: ......
Page 130: ......
Page 132: ......
Page 136: ......
Page 140: ......
Page 144: ......
Page 172: ......
Page 176: ...Configuring DSMs 160 ISC BIND...
Page 180: ......
Page 182: ......
Page 184: ......
Page 204: ......
Page 224: ......
Page 246: ......
Page 250: ......
Page 256: ......
Page 260: ......
Page 276: ......
Page 282: ......
Page 284: ......
Page 306: ......
Page 308: ......
Page 318: ......
Page 322: ......
Page 324: ......
Page 346: ......
Page 356: ......
Page 366: ......
Page 384: ......
Page 392: ......
Page 394: ......
Page 396: ......
Page 398: ......
Page 404: ......
Page 426: ......