Apache ( Epilog ) Integration

Before beginning the configuration phase make sure that you have Epilog installed and running.

Epilog Configuration :

1. Login to the user interface using localhost:6162 then go to "Network Configuration" :

Select and submit the following information :

  • Destination Snare Server address : The IP address of the remote snare system.

  • Destination Port : Default is "514"

  • Enable SYSLOG Header.

  • Use alternate header.

  • SYSLOG Facility : "Local0"

  • SYSLOG Priority : "Information"

Once you provide those information click on "Change Configuration".

2. Now browse to the "Log Configuration" tab on the left side menu like so :

  • Provide and submit the following information :

    • Select the Log Type :

    • Log File or Directory :

      • Windows : "C:\Program Files\Apache Group\Apache2\Logs"

      • Linux : "/var/log/apache2/"

    • Log Name Format : "access.log"

 
 
3. Now submit the changes by browsing to "Apply the latest audit Configuration" then click on "Reload Settings" :
 
 

Logsign Configuration :

4. Go to "Settings" → "Device List" then click on "Add new device" :
 
 
5. Select "Syslog" as source type :
 
 
6. Select "Apache" :
 
 

7. Provide the following information :

  • Description : "Apache Web Server"

  • IP : The IP address of the remote Epilog system we previously configured.

Have more questions? Submit a request

Comments