Overview

We are providing you with the steps to integrate your SAP Application with Seceon SIEM so One can have Comprehensive visibility and Proactive Threat Detection in your Environment. There will be a log transfer between your firewall to APE(Analytics and Policy Engine) via CCE (Collection and Control Engine ). In this document, we are guiding you through the steps for Log forwarding.

Step Of Configuration

Configuring Logs Receiver(https listener) from CCE end

1. Go to CCE’s package directory, example -

   Image Modified

2. Run ./setup.sh -sap

3. Type yes and press enter to enable http listener for SAP Application

   Image Modified

4. if LTS present:

5. Check cce-logs-manager’s logs (using otmdoc -l cce-logs-manager)

   • else

     • Check cce-logs-processor’s logs (using otmdoc -l cce-logs-processor)

Verification

If you see - Starting http input listener {:address=>CCE-IP:63514", :ssl=>"false"} in cce-logs-processor’s or cce-logs-manager’s(if LTS present) logs it means things are working, example -

1. Image Modified