Cryptographic Security Platform provides the Log Forwarder solution for forwarding logs to a Splunk SIEM (Security Information and Event Management) server.
To configure and deploy the Log Forwarder solution
Open the following URL in a Web browser.
https://<machine>/management-consoleWhere
<machine>is the IP address or domain name of the machine hosting Cryptographic Security Platform.- Log into the Management Console a user belonging to a role with Log Forwarder management permissions – for example, the initial
adminadministrator user.See Starting up the Management Console for how to manage users and roles.
- In the content pane, click Manage Solution under Entrust Log Forwarder.
- Activate the Import configuration toggle switch if you want to import configuration settings from a file, such as a sample configuration file included in the product release.
- Active the Enable Advanced Configuration if you want to configure the full set of configuration parameters supported by the solution.
- Click Next.
- Configure the solution settings described in the following sections.
- Click Validate to validate the configured settings.
- Correct any detected configuration error until the Validate option displays no warnings.
- Optionally, click the Download button to export the current configuration. You can later import this configuration with the already mentioned Import configuration toggle switch.
- Click Submit and wait while Cryptographic Security Platform uploads the configuration and any attached file, such as a P12 file with authentication credentials.
- Click Deploy.