The scenario is like below-
Kaspersky Security Center 11 need to be send logs to Syslog Server then from Syslog server logs need to be sent to AlienVault SIEM.
is the above scenario is a good practice? If the scenario is set like the above then -
what will be the method from KSC11 to Syslog Server and then Syslog Server to SIEM….is that push or something else?
Thanks in Advance
Best answer by Kavuser10View original