- Requirements: CylanceON-PREM
- Configuring the CylanceON-PREM virtual appliance
- Configuring the console
- Log in to CylanceON-PREM
- Administrative dashboard
- Filter lists
- Export lists
- Setting up the CylancePROTECT agent
- Adding the CA certificate to endpoints
- Installing the CylancePROTECT Desktop agent for Windows
- Installing the CylancePROTECT Desktop agent for macOS
- Installing the CylancePROTECT Desktop agent for Linux
- Upgrading the CylancePROTECT Desktop agents
- Using virtual machines
- Device management
- Threat management
- Global lists
- Managing users
- Managing roles
- Update profile information
- Audit logs
- Managing Certificates
- Setting up email notifications
- Upgrade CylanceON-PREM
- Reboot the virtual appliance
- Configure session timeout
- Update CylanceON-PREM SSL certificate version 1.3.1 and later
- Update CylanceON-PREM SSL certificate version 188.8.131.52 and earlier
- Change the certificate cipher mode
- Enable maintenance mode
- Change network settings
- Check an IP address
- Change the log level
- Download logs
- Configure syslog/SIEM settings
- Update database connection settings
- Configure active directory
- Configure identity provider settings
- Using certificate-based authentication
- Add a banner to the login screen
- CylanceON-PREM API
- Agent not communicating with CylanceON-PREM
- Web browser reports insecure webpage
- Unable to connect to external database
- Configure static IP using the OVF tool
- Remote server 404 error in log files
- Log in with a local administrator account
- Online Certificate Status Protocol issues
- A user is not receiving email notifications
- Before you contact support
Configure syslog/SIEM settings
Administrators can figure
CylanceON-PREMversion 1.1.0 or higher to forward events from their
CylanceON-PREMvirtual appliance to a syslog server. The context of each event is Unicode plain text consisting of key-value pairs, separated by commas. Due to a size limitation of most Syslog servers, the details of each message (
Cylance-specific payload) is limited to 2048 characters.
The Threat Classifications event type is not available for
CylanceON-PREMbecause the virtual appliance does not communicate with the
- In the console, on the menu bar, clickConfiguration > Settings.
- Click beside Syslog/SIEM. This expands the Syslog settings.
- Click the Syslog/SIEM toggle to enable the feature. Use this toggle to enable or disable the feature without losing any settings.
- Configure the Syslog settings. For more information on syslog settings, see theCylanceSyslog Guide.With TLS/SSL enabled, administrators can add an SSL certificate instead of pasting in the certificate information. The certificate can be added after configuring Syslog settings. Make sure you save any changes to this section before navigating to the Certificates page (Configuration > Certificates) to ensure your changes are not lost. WithVerify Peer Modedisabled, the SSL certificate is not required. The connection is encrypted, butCylanceON-PREMwill not validate the peer certificate.UDP does not support notifications when the Syslog server shuts down.
- Click .
To upload an SSL certificate, go to the
Configuration > Certificatespage and add the certificate. See Add a certificate for more information.
To remove a Syslog server shut down notification, re-enable Syslog. If you no longer want to use Syslog, re-enable Syslog and then disable Syslog.