4. Configuration
Configuration privileges are available only to administrators.
📄️ 4.1 Input Options
Configure the input options to enable Scribbler to listen on the port and for the protocol used by the network devices.
📄️ 4.2 Forward Logs
You can configure Scribbler to forward system logs to a remote server.
📄️ 4.3 SNMP Trap Input
You can configure Scribbler to receive SNMP traps from network devices and then forward the information to Logstash.
📄️ 4.4 SNMP Trap Forward
You must configure Scribbler to forward the SNMP traps to a remote server.
📄️ 4.5 Active Directory Auth
The solution supports integration with Microsoft Active Directory through LDAP. The authentication is “pass-through”, which means that the credentials are not stored.
📄️ 4.6 Database Filters
Database filters decide which logs are stored in the database. The application reads all the logs and stores a copy to the database based on the configured filters. You can set filters for facilities for each severity level.
📄️ 4.7 Forward Filters
You must forward log data to a remote backup database to conserve database storage space. The application reads all the logs and stores a copy to the database based on the configured filters. You can set filters for facilities for each severity level.
📄️ 4.8 Storage
You can configure the storage settings to set the frequency for creating a new log storage unit, the number of storage units that must be retained in the live database, and the size of the storage unit.
📄️ 4.9 Backup
You can configure the backup storage location. You can also compress and encrypt the backup files to secure them.
📄️ 4.10 SNMP
Scribbler supports SNMPv3 for reporting purposes.
📄️ 4.11 General Settings
The General Configuration page provides options to configure security settings for account logins, session timeout, and password expiry. You can also configure the audit logging IP address and banners.
📄️ 4.12 CEF Logs
You can configure Scribbler to collect syslogs in Common Event Format (CEF).
📄️ 4.13 Splunk Forwarding
Scribbler supports forwarding logs to Splunk.
📄️ 4.14 Hostname Detection
There are cases where detecting or resolving the hostname of the received log messages is important. By default, Scribbler can detect the hostname using the operating system’s default DNS configuration.
📄️ 4.15 Remote Windows Event Log
Scribbler’s default syslog inputs are capable of processing Windows events received through Syskey Windows Agent. However, the remote Windows event log collection feature implemented in newer versions of SyskeyOT Windows Agent requires some special processing to keep the source device IP address, which is supported by the “Windows Event Log Collection” feature.
🗃️ 4.16 Strong TLS Security