-
Notifications
You must be signed in to change notification settings - Fork 57
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1729 from SEKOIA-IO/newintake/olfeo
add olfeo
- Loading branch information
Showing
2 changed files
with
49 additions
and
0 deletions.
There are no files selected for viewing
48 changes: 48 additions & 0 deletions
48
docs/xdr/features/collect/integrations/network/olfeo_secure_web_gateway.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| uuid: a2915a14-d1e9-4397-86fc-8f8b2c617466 | ||
| name: Olfeo Secure Web Gateway | ||
| type: intake | ||
|
|
||
| ## Overview | ||
|
|
||
| Olfeo Secure Web Gateway is a suite of cybersecurity features for analyzing, filtering and securing your web flows. Combining proxy filtering, flow antivirus and DNS filtering. | ||
|
|
||
| !!! warning | ||
| Important note - This format is currently in beta. We highly value your feedback to improve its performance. | ||
|
|
||
|
|
||
| {!_shared_content/operations_center/detection/generated/suggested_rules_a2915a14-d1e9-4397-86fc-8f8b2c617466_do_not_edit_manually.md!} | ||
|
|
||
| {!_shared_content/operations_center/integrations/generated/a2915a14-d1e9-4397-86fc-8f8b2c617466.md!} | ||
|
|
||
| ## Configure | ||
|
|
||
| This setup guide will show you how to forward your Olfeo Secure Web Gateway logs | ||
| to Sekoia.io by means of a syslog transport channel. | ||
|
|
||
| ### Prerequisites | ||
|
|
||
| - Have an internal log concentrator | ||
|
|
||
| ### Versions supported | ||
|
|
||
| Olfeo Secure Web Gateway On premise v6.8.6 and above | ||
|
|
||
| ### Enable Syslog forwarding | ||
|
|
||
| To enable syslog forwarding: | ||
|
|
||
| 1. Log in your Olfeo web interface. | ||
| 2. Go to `Parameters > Monitoring > Syslog.`. | ||
| 3. Click on `add a syslog` button. | ||
| 4. Add `label, description and server adress`. | ||
| 5. Click on `Create`. | ||
|
|
||
| Olfeo forward syslogs in UDP on port 514. You must setup your internal log concentrator to listen on this port and forward logs to Sekoia.io. | ||
|
|
||
| ### Create the intake | ||
|
|
||
| Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format `Olfeo Secure Web Gateway`. | ||
|
|
||
| ### Forward logs to Sekoia.io | ||
|
|
||
| Please consult the [Syslog Forwarding](../../../ingestion_methods/sekoiaio_forwarder/) documentation to forward these logs to Sekoia.io. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters