Merge pull request #1985 from SEKOIA-IO/fix_for_eset

say that we need TLS + add the file in the tree
SEKOIA-IO · Sep 3, 2024 · 74cf8a0 · 74cf8a0
2 parents 7e4bf30 + f870155
commit 74cf8a0
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 16 deletions.
diff --git a/docs/integration/categories/endpoint/eset_protect.md b/docs/integration/categories/endpoint/eset_protect.md
@@ -62,29 +62,34 @@ type: intake
 ### Instructions on the 3rd party solution
 
 To enable Syslog server in ESET Protect on On-Prem :
-    1. In admin console go to `More` > `Settings`.
-    2. Open `Advanced Settings` tab.
+
+1. In admin console go to `More` > `Settings`.
+2. Open `Advanced Settings` tab.
 
 ![Advanced Settings](/assets/instructions/eset_protect/enable_syslog_1.png)
 
-    3. Click on `Syslog server` > `Use Syslog server`.
-    4. Then click on `Logging` > `Export logs to Syslog` and choose `JSON` format.
-    5. Save configuration.
+3. Click on `Syslog server` > `Use Syslog server`.
+4. Then click on `Logging` > `Export logs to Syslog` and choose `JSON` format.
+5. Save configuration.
 
 ![Syslog configuration](/assets/instructions/eset_protect/enable_syslog_2.png)
 
+!!! warning
+    Important note - For ESET Protect Cloud, you will required a secured syslog forwarder. Please read our article [how to secure data collection to the syslog forwarder](intergration/ingestion_methods/syslog/secured_forwarded.md)
+
 To enable Syslog server in ESET Protect on Cloud:
-    1. In admin console go to `More` > `Admin` > `Settings`.
-    2. Click `General` > `Syslog`
-    3. Check `Enable syslog sending`
-    4. Select `JSON` as the format of the payload
-    5. Select `Syslog` as the format of the envelope
-    6. Select `Information` as the minimal log level
-    7. Check all event types
-    8. Type the address of the log concentrator
-    9. Check `Validate CA Root certificates of TLS connections`
-    10. Copy the public certificate of the Certificate Authority in the textarea
-    11. Click `Apply settings`
+
+1. In admin console go to `More` > `Admin` > `Settings`.
+2. Click `General` > `Syslog`
+3. Check `Enable syslog sending`
+4. Select `JSON` as the format of the payload
+5. Select `Syslog` as the format of the envelope
+6. Select `Information` as the minimal log level
+7. Check all event types
+8. Type the address of the log concentrator
+9. Check `Validate CA Root certificates of TLS connections`
+10. Copy the public certificate of the Certificate Authority in the textarea
+11. Click `Apply settings`
 
 
 ![Advanced Settings](/assets/instructions/eset_protect/cloud_syslog.png)

diff --git a/mkdocs.yml b/mkdocs.yml
@@ -311,6 +311,7 @@ nav:
       - Third-party syslog services: integration/ingestion_methods/syslog/syslog_service.md
       - Rsyslog: integration/ingestion_methods/syslog/rsyslog.md
       - Syslog NG: integration/ingestion_methods/syslog/syslog-ng.md
+      - Secured forwarding: integration/ingestion_methods/syslog/secured_forwarding.md
   - List of Intakes:
     - Overview: integration/categories/overview.md
     - Applicative: