Can a Syslog event be generated when an infection is found on Metadefender Kiosk ?

Yes, a Syslog event can be generated when an infection is found. Please note that this feature is only for files scanned through REST API and events generated in REST layer.

The ways of achieving this, however, are slightly different between Metadefender Kiosk v3 and Metadefender Kiosk v4.

For Metadefender Kiosk v3 :

In order to configure Syslog events, open your MetaDefender Kiosk management console (the default is localhost:8009) and navigate to Logs > Configuration.

Afterwards, tick the box next to "Log scan results for infected files"

images/download/attachments/33438890/syslog.PNG

For Metadefender Kiosk v4 :

Infected files events are already logged by default in this version of the product, after configuring the syslog From Logs->Configuration->New Server.

images/download/attachments/33438890/kioskinterface.PNG

In the screenshot below, highlighted in Red, you can see the way an EICAR test file is logged, with event code "100001".

images/download/attachments/33438890/kiosksyslog.PNG

This article pertains to MetaDefender Kiosk
This article was last updated on 2018-08-13
CN