Hi CC Community.

Just want to drop some questions.
Im trying to achieve and enable this option in CC.



Like adding IP's there from a Windows AD server and other Machines. This way I can monitor the syslogs through CC UI.

My question is from AD server what services should we setup? And From CC side what configuration should we need to do?

Newbie517762 has solved this question and earned 10 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

HiHi,

Upon observing your screen capture, I noticed that it pertains to the SIP - China Version CC. It is distinct from the Global version of Cyber Command.
Should you possess knowledge of Chinese, I kindly provide you with the link for your reference:
日誌源對接:
Is this answer helpful?
faysalji Lv3Posted 20 Aug 2023 17:01
  
To enable remote syslog in CC, you need to do the following on both the AD server and the CC appliance:

**On the AD server:**

1. Enable the syslog service.
2. Configure the syslog service to send logs to the CC appliance.
3. Restart the syslog service.

**On the CC appliance:**

1. Go to **System** > **Log Management** > **Remote Syslog**.
2. Click **Add**.
3. Enter the IP address of the AD server.
4. Select the syslog protocol that you want to use.
5. Click **Save**.

Once you have configured both the AD server and the CC appliance, the syslogs from the AD server will be sent to the CC appliance. You can then view the syslogs in the CC UI.

Here are some additional details about the steps involved:

**Enabling the syslog service on the AD server:**

The syslog service is usually enabled by default on Windows servers. However, you can check to make sure that it is enabled by opening a command prompt and running the following command:

```
net start syslog
```

If the syslog service is not enabled, you can enable it by running the following command:

```
net start syslog /y
```

**Configuring the syslog service to send logs to the CC appliance:**

To configure the syslog service to send logs to the CC appliance, you need to edit the syslog.conf file. This file is located in the following directory:

```
C:\Windows\System32\LogFiles\Syslog
```

The syslog.conf file contains a list of syslog servers that the AD server will send logs to. To add the CC appliance to the list of syslog servers, you need to add the following line to the file:

```
*.* @<CC appliance IP address>:514
```

The `*.*` part of the line tells the syslog service to send all logs to the CC appliance. The `@<CC appliance IP address>:514` part of the line tells the syslog service to send the logs to the CC appliance on port 514.

**Restarting the syslog service:**

Once you have edited the syslog.conf file, you need to restart the syslog service for the changes to take effect. To do this, open a command prompt and run the following command:

```
net stop syslog
net start syslog
```

**Configuring remote syslog in CC:**

To configure remote syslog in CC, you need to go to **System** > **Log Management** > **Remote Syslog**. On the **Remote Syslog** page, you need to enter the following information:

* **IP address:** The IP address of the AD server.
* **Port:** The port number that the syslog service is listening on. The default port number is 514.
* **Protocol:** The syslog protocol that you want to use. The supported protocols are UDP and TCP.

Once you have entered the required information, click **Save**.

I hope this helps! Let me know if you have any other questions.
Newbie435016 Lv1Posted 15 Aug 2023 18:31
  
I submitted.
Newbie435016 Lv1Posted 15 Aug 2023 18:28
  
It seems like you're asking about configuration on the CC (Customer Center) side in a networking context. However, without more specific information about the type of device, network, or context you're referring to, I can provide you with a general outline of configuration considerations on the customer center side in a networking scenario. Please adapt these steps according to your specific situation:

Network Topology Understanding: Understand the network topology, including devices, connections, and their roles in the network.

IP Addressing: Configure appropriate IP addresses and subnet masks for devices within your network, considering both IPv4 and IPv6 if applicable.

Default Gateway: Set the default gateway to direct outbound traffic from devices to the appropriate network exit point.

VLAN Configuration: If using VLANs (Virtual LANs), configure VLAN IDs and assign appropriate ports to each VLAN to segment network traffic.

Routing Configuration: Set up routing protocols or static routes to ensure proper communication between different network segments or networks.

Firewall and Security: Configure firewalls to allow desired traffic and block unauthorized access. Implement security measures such as intrusion detection/prevention, access control lists (ACLs), and VPNs if needed.

DNS Configuration: Configure Domain Name System (DNS) settings to enable name resolution and access to internal and external resources.

Quality of Service (QoS): If needed, configure QoS to prioritize certain types of traffic over others for better network performance.

Network Monitoring: Set up network monitoring tools or systems to monitor the health, performance, and security of your network.

Backup and Recovery: Implement regular backup procedures for your network configurations, ensuring you can restore configurations in case of issues.

Documentation: Maintain detailed documentation of your network configuration, including IP addresses, device roles, passwords, and any other relevant information.

Testing: After making changes to configurations, thoroughly test the network to ensure proper functionality, connectivity, and security.

Vendor Guidelines: If you're working with specific devices or solutions, consult the official documentation and guidelines provided by the vendor or manufacturer.

Keep in mind that the specific configuration steps can vary widely based on the network equipment and technologies you're using. Always refer to the official documentation or seek expert advice when working with advanced configurations or unfamiliar devices.
Imran Tahir Lv4Posted 14 Aug 2023 17:48
  
Please open the  support ticket
Alizaan Lv2Posted 14 Aug 2023 15:30
  
Kindly do the following steps to achieve or enable this option in CC.

Step 1 = Goto NGAF Dashboard
Step 2 = Authentication Systems
Step 3 = Authentication
Step 4 = External Auth. Server
Step 5 = Click Add
Step 6 = Add LDAP Server

Hope it may helps you well.

Thanks alot
Farina Ahmed Lv5Posted 13 Aug 2023 17:04
  
I would suggest to open tac case for it Tech.Support@sangfor.com
Draiden Lv2Posted 11 Aug 2023 20:39
  
Solved the issue by using nxlog. Now SIP can parse Syslogs and etc.
Jami Ullah Lv2Posted 10 Aug 2023 14:50
  
Can you please share the English version of  CC snapshot?
Draiden Lv2Posted 10 Aug 2023 13:49
  
I can only see this one guide here but its not full.

I Can Help:

Change

Moderator on This Board

7
11
4

Started Topics

Followers

Follow

37
2
0

Started Topics

Followers

Follow

12
23
0

Started Topics

Followers

Follow

Trending Topics

Board Leaders