Legacy Notifications Configuration Panel
The Legacy Notifications Configuration panel provides the ability to configure syslog and SNMP notification settings. These configurations are used for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.
Procedures related to these settings are described in Configure Syslog and SNMP Settings.
Workflow
What do you want to do?
Role | I want to ... | Show me how |
---|---|---|
Administrator | Configure Syslog Settings | Configure Syslog and SNMP Settings |
Administrator | Configure SNMP Settings | Configure Syslog and SNMP Settings |
Quick Look
1 | Displays the Legacy Notifications Configuration Panel. |
2 | Allows the user to configure syslog notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring. |
3 | Allows the user to configure SNMP notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring. |
The Legacy Notifications Configuration Panel consists of two sections: Syslog Settings and SNMP Settings.
Syslog Settings
The following table describes the available options for configuring syslog notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.
Feature | Description |
---|---|
Enable | Enables the syslog settings configured here. |
Server Name | Specifies the host where the target syslog process is running. |
Server port | Specifies the port where the target syslog process is listening. |
Facility | Specifies the designated syslog facility to use for all outgoing messages. Possible values are KERN, USER, MAIL, DAEMON, AUTH, SYSLOG, LPR, NEWS, UUCP, CRON, AUTHPRIV, FTP, LOCAL1 through LOCAL7. |
Encoding | Specifies the encoding to use for text in syslog messages, for example, UTF-8. |
Format | Specifies the message format. Possible values are: Default, PCI DSS, or SEC. |
Protocol | Specifies the communications protocol used when sending syslog messages: UDP or TCP. By default, the UDP protocol is selected. |
Max length | Specifies the maximum length in bytes of any syslog message. The default value is 2048. Messages that exceed the maximum length are truncated when the Truncate overly large syslog messages checkbox is selected. |
Truncate overly large syslog messages | When checked, any messages exceeding the maximum length are truncated. |
Include the local timestamp in syslog messages | When checked, NetWitness includes the local timestamp in messages. |
Include the local hostname in syslog messages | When checked, NetWitness includes the local hostname in syslog messages. |
Optionally use IDENT protocol | When checked, NetWitness prepends the identity string to outgoing syslog alerts. |
Identity string | This is an identity string to be prepended to each syslog alert. If the string is blank, no identity string is prepended to the outgoing syslog alerts. You can use this to identify the source of the alert. Users conventionally set it to the name of the program that sends the syslog message. |
Apply | Applies the syslog configuration settings. |
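The following is an added example, not part of the NetWitness documentation or product code: a check that a syslog collector could run on each received notification to confirm it matches the Facility, Max length, and Identity string values entered in this panel. It assumes the message begins with a standard `<PRI>` field, that the text is UTF-8, and that the identity string appears somewhere after the PRI; the function name, finding labels, and sample messages are constructed for illustration.

```python
import re

# Standard syslog facility codes (RFC 3164 / RFC 5424). The panel's Facility
# option lists these names; LOCAL0 is included only for completeness.
FACILITIES = {0: "KERN", 1: "USER", 2: "MAIL", 3: "DAEMON", 4: "AUTH",
              5: "SYSLOG", 6: "LPR", 7: "NEWS", 8: "UUCP", 9: "CRON",
              10: "AUTHPRIV", 11: "FTP",
              **{16 + n: f"LOCAL{n}" for n in range(8)}}

PRI_RE = re.compile(rb"^<(\d{1,3})>")


def check_notification(raw, facility, max_length=2048, identity=""):
    """Return (facility_name, severity, findings) for one received message.

    facility, max_length and identity are the values entered in the panel.
    Assumption: the message starts with <PRI> and the text is UTF-8.
    """
    findings = []
    m = PRI_RE.match(raw)
    if not m or int(m.group(1)) > 191:
        return None, None, ["missing-or-invalid-pri"]
    code, severity = divmod(int(m.group(1)), 8)  # PRI = facility * 8 + severity
    name = FACILITIES.get(code, f"UNKNOWN({code})")
    if name != facility.upper():
        findings.append("unexpected-facility")
    if len(raw) > max_length:
        findings.append("over-max-length")      # exceeds the configured Max length
    elif len(raw) == max_length:
        findings.append("possibly-truncated")   # cut exactly at the limit
    try:
        raw.decode("utf-8")
    except UnicodeDecodeError as exc:
        # A byte-length cut can split a multi-byte character at the very end.
        cut = exc.end == len(raw) and exc.reason == "unexpected end of data"
        findings.append("cut-mid-character" if cut else "invalid-encoding")
    if identity and identity.encode("utf-8") not in raw[m.end():]:
        findings.append("identity-missing")
    return name, severity, findings


# Constructed sample messages (not captured from a real deployment).
OK = b"<142>esm-notify: Archiver monitoring threshold crossed"
LONG = ("<142>esm-notify: " + "\u00e9" * 2048).encode("utf-8")[:2048]
```

A message flagged `possibly-truncated` or `cut-mid-character` has lost its tail, so alert rules that match on text near the end of a long notification should not treat a non-match as a clean result.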
SNMP Settings
The following table describes the available options for configuring SNMP notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.
Feature | Description |
---|---|
Enable | Enables the SNMP settings configured here. |
Server Name | Specifies the SNMP trap host. |
Server port | Specifies the listening port on the SNMP trap host. |
SNMP version | Specifies the SNMP version, v1 or v2c. |
Trap OID | Specifies the object ID for the SNMP trap on the trap host that receives the audit event. The default value is 0.0.0.0.0.1. |
Community | Specifies the community string used to authenticate on the SNMP trap host. The default value is public. |
Enable | Enables SNMP notifications as configured here. |
Apply | Applies the SNMP configuration settings. |