Device Config: Cylance - Syslogs Forwarding
Steps to configure logs from Cylance to Seceon CCE:
In Cylance, go to Settings > Application.
2. In the Integrations section, activate the Syslog/SIEM check box.
3. Under Event Types activate the checkboxes for all events.
For other options, make the choices as below:
SIEM: "None"
Protocol: "UDP"
TLS/SSL check box: Unchecked
IP/Domain: Enter the IP of the Seceon CCE
Port: 514.
Severity: "Alert (1)"
Facility: "Internal (5)"
Click Save.