IMPORTANT:The CEF Log Forward Policy is not available in Advanced Authentication as a Service (SaaS) version
In this policy, you can configure settings to forward the logs to an external Syslog server. The central logging server can be used for log forwarding. To configure the policy, perform the following steps:
Set Enable to ON.
Specify the IP address of the remote logging server in Syslog server.
Specify the port of the remote logging server in Port.
Select an applicable transfer protocol from Transport.
IMPORTANT:For Risk Audit events, only TCP is supported.
Click Save.
NOTE:The same Syslog configuration is used for each server type. Each server type in the appliance records its own log file.
All logs of the Logs section except the Async and WebAuth logs are forwarded to the external Syslog server. For more information about logs, see Section 28.0, Logging.
For more information about how to integrate Advanced Authentication with external log management server, see an example Configuring Integration with Sentinel
.