Logging Configuration

You can configure all events in the Event Log section to be sent to a Syslog server.

To access the Configuration section from the Logs tab, click Configuration .

images/download/attachments/24901431/LogsConfiguration2.png

The following settings apply to Metadefender Core's Syslog logging functionality:

Property

Description

Default Value

Enable syslog messages

Indicates whether the following settings will be used to send messages to a Syslog server.

Off

IP Address

The IP address of the Syslog server.

 

Port

The port that the Syslog server is listening on.

514

Facility Level

The facility level can be configured for an additional level of filtering of messages on the Syslog server.

User-Level

Example of Metadefender Core event and dirty result log in syslog:

2014-06-19 15:05:15 User.Notice 10.0.3.101 Metascan: Changed property [thread_pool_size] = [20]

2014-06-19 15:05:15 User.Notice 10.0.3.101 Metascan: Changed property [enable_cache_scan] = [1]

Note: Only infected files scanned through Metadefender Core's REST API result in syslog messages. Files scanned through any other interface do not produce syslog messages. Files scanned using Metadefender Core's workflows are not logged to syslog.