Configuring Export Log

Configuring Export Log

This KB article describes how to configure the various export log options.

The Settings > Export Log page allows the ISA web portal administrator to add log profiles to export logs from the ISA web portal to external log management solutions or email. 

The following predefined log server formats are available:

Name of Log Manager

Protocol (default)

Port number


QRadar


TCP



22


ArcSight


TCP & UDP


TCP 515 or 8515

UDP 514 or 8514



Splunk



TCP or UDP


8088 

Syslog


TCP 



514

SCP


TCP



22

SFTP


TCP



22


Email



N/A


N/A


  1. On the Export Log page, click Add.



  1. In the Log Profile window, under Profile Name, enter a name for the profile. The maximum number of characters allowed in the field is 50. 

  2. Click the Log Server Format drop-down to select the log server. 

  3. Click the Log to be Exported drop-down and select Event Log or Session Log, or App Access Log.

  4. Click the Timezone drop-down and select either Asia/Calcutta or UTC.

  5. In the Server IP field, enter the IP address of the log server.

  6. In the Backup Server IP field, enter the IP address of the backup log server.

  7. Click the Protocol drop-down, select TCP or UDP

  8. In the Port field, enter the port number the server is listening on. 

  9. If SCP or SFTP is selected under Log Server Format, in the User Name field, enter the username of the user configured on the server. 

  10. If SCP or SFTP is selected under Log Server Format, in the Remote Path field enter the path the log file must be saved. 

  11. If Email is selected under Log Server Format, enter one or more email addresses to send the log files to. 

  12. Click Save and Add new.



Sorting the Log Profiles

You can sort the list by Email, Reports, Schedule, or Email CC. Click the up/down arrow alongside the headers.



Search Log Profiles

You can search the list by name by entering it in the search box. 




    • Related Articles

    • ISA App Log File

      The ISA App, once successfully installed and configured, generates Connection Logs that could be extremely helpful in troubleshooting issues that may crop up. Depending on the device OS, the Log File location is as follows: Locating the ISA App Log ...

    • Configuring Two-Factor Authentication

      Two-Factor Authentication (TFA) adds one more layer of security to the ISA User Agent connection process, in addition to the username-password and certificate method of authentication. When TFA is enabled for a user or user group, the User Agent is ...

    • Configuring Local Users

      This user guide describes the various configuration options to manage users on the ISA web portal. The Users page on the ISA web portal allows administrators to create and maintain a database of users that either connect remotely using the ISA User ...

    • Access Log

      This KB article describes the information listed on the Access Log page and how to manage them. The LOGS & REPORTS > Access Log page lists the ISA web console login sessions. Each entry on the page contains the username of the user, the page on the ...

    • Session Log

      This KB article describes the information listed on the Session Log page and how to manage them. The LOGS & REPORTS > Session Log page lists the login sessions of users and Gateways. The page lists each session login and logout time of both users and ...