We have a quick update to LOGbinder for SharePoint for all of you who are using Syslog to forward your SharePoint audit log to your favorite SIEM.
LOGbinder for SharePoint version 4.0.5 adds the following new features:
- Alternate Output Data Folder: It is now possible to change the default data folder, which is also used for the output data. This is the folder where LOGbinder stores its outputs that are written in files, as well as the diagnostic files. Now you can store these in a different folder, or on a different hard drive, or even in shared folder on a different server. You will find this useful, if you need to separate software and data, or you have the requirement of using minimal disk space on the hard drive where your programs are installed.
- Network locations for Syslog output: As a result of the above change, it is now possible to use network location for Syslog outputs, such as Syslog-Generic (File) and Syslog-CEF (File). These files, in turn, can be easily accessed by your SIEM.
- Test button for Syslog output: A "Test" button is now available for Syslog outputs that sends a test Syslog message using the specified address/port. When setting up LOGbinder to output to a Syslog server for your SIEM to collect the logs, the most difficult part can be to ensure that firewalls and other settings don't block the traffic from LOGbinder to the Syslog server. The "Test" button will assist you in setting up and testing this connection.
- Output file name clarification: The sample file name for the Syslog (File) outputs now correctly indicates that the date is included in the file name.
If you would like to take advantage of the above feature, please go ahead and download LOGbinder for SharePoint.
Optionally provide private feedback to help us improve this article...
Thank you for your feedback!