@Nils Krumey maybe you can chip in here :)
I don’t think I have worked directly with a customer that is using Kaspersky, but from all the documentation I can find, Kaspersky should be able to send straightforward Syslog traffic.
If there is no data coming in, the first thing I would suggest is to remove the device from within Logpoint, and then go to Devices → “Add Bulk Devices” → “Detect Blocked Device” and see whether the Kaspersky device is showing up there. If it isn’t, then the Syslog traffic isn’t even hitting the Logpoint box.
If it does show up there, and when configured there is still no log data, then there is something else going on - there could be issues with timezones etc., or configuration on the source. That is probably best investigated through Support.