Can a Syslog event be generated when an infection is found on Metadefender Kiosk?
Yes, a Syslog event can be generated when an infection is found. Please note that this feature is only for files scanned through REST API and events generated in REST layer.
The way of achieving this, however, is slightly different between Metadefender Kiosk v3 and Metadefender Kiosk v4.
For Metadefender Kiosk v3 :
In order to configure Syslog events, open your MetaDefender Kiosk management console (the default is localhost:8009) and navigate to Logs→Configuration.
Afterward, tick the box next to "Log scan results for infected files"
For Metadefender Kiosk v4 :
Infected files events are already logged by default in this version of the product, after configuring the Syslog from Logs→Configuration→New Server.
In the screenshot below, highlighted in Red, you can see the way an EICAR test file is logged, with event code "100001".
This article pertains to MetaDefender Kiosk
This article was last updated on 2019-10-07
VM