Device Config: Cylance - Syslogs Forwarding

Steps to configure logs from Cylance to Seceon CCE:

  1. In Cylance, go to Settings > Application.

2. In the Integrations section, activate the Syslog/SIEM check box.

3. Under Event Types activate the checkboxes for all events.

For other options, make the choices as below:

  • SIEM: "None"

  • Protocol: "UDP"

  • TLS/SSL check box: Unchecked

  • IP/Domain: Enter the IP of the Seceon CCE

  • Port: 514.

  • Severity: "Alert (1)"

  • Facility: "Internal (5)"

Click Save.