Realm.Security Documentation

Appearance

Realm Cloud Syslog

Create Source & Input feed

  1. In Realm, go to Sources > Add Source Realm Sources page

  2. Type a name for your Source, and select a Product Format for example: Palo Alto, Fortigate etc.

Realm Add Source page

  1. From your source page, Click Add Input feed button.
  2. Select Cloud Syslog and give it a representative name to identify the data source.

Add input feed

View Syslog Connection Details

In the Syslog connection details, you can find all the details necessary for configuring Syslog exporter in your vendor console.

  • Click ... > View action for the Cloud Syslog input feed.

View Syslog details

  • Copy Syslog Hostname, Port & Protocol and paste it in vendor Syslog export settings.
  • Copy Realm CA Certificate, save it to a file and add it as part of Syslog export settings in vendor console.

Update log sources

Update the on-prem log sources (Firewall/DNS router/Switches etc) to send logs to Realm Cloud.

  • See Fortigate guide for configuring Fortigate firewall to send data to Realm.

  • See Palo Alto guide for configuring Palo Alto firewall to send data to Realm.