Realm.Security Documentation

Appearance

Cloud Syslog Integration

Create a Source and Input Feed

  1. In Realm, go to Sources > Add Source.

Realm Sources page

  1. Enter a name for your source and select a Product Format (e.g., Palo Alto, Fortigate).

Realm Add Source page

  1. From the source page, click Add Input Feed.
  2. Select Cloud Syslog and give it a name to identify the data source.

Add input feed

View Syslog Connection Details

The Syslog connection details contain everything needed to configure the Syslog exporter in your vendor console.

  1. Click ... > View for the Cloud Syslog input feed.

View Syslog details

  1. Copy the Syslog Hostname, Port, and Protocol and enter them into the vendor Syslog export settings.
  2. Copy the Realm CA Certificate, save it to a file, and add it to the Syslog export settings in the vendor console.

Configure Your Log Sources

Update your on-premises log sources (firewalls, DNS routers, switches, etc.) to send logs to Realm Cloud.

  • See the Fortigate guide for configuring a Fortigate firewall to send data to Realm.
  • See the Palo Alto guide for configuring a Palo Alto firewall to send data to Realm.