This section provides the configuration information about integrating Advanced Authentication with Sentinel for managing logs. With this integration the syslog files are gathered and transmitted from Advanced Authentication to Sentinel sever, where an administrator can search the events to analyze, monitor, and generate a report.
To configure the integration of Advanced Authentication with Sentinel, perform the following tasks:
To forward the syslog details to Sentinel, you must configure thepolicy by performing the following steps:
Open the Advanced Authentication Administration portal.
Specify the Sentinel server IP address in.
Specify the port number in.
For example, you can specify 1443.
Select the transport layer details in.
For example, you can select
Restart the Advanced Authentication server to apply the changes.
Open the Sentinel console.
Specify the query ((sev:[0 TO 5])) AND (sp:"CEF") in the Search bar, then click .
The events with severity 0 to 5 are displayed. You can download the events in the csv format.