DocumentationRelease Notes
Log In
Documentation

Trellix ESM Syslog Connector

Suggest Edits

Configure Trellix Syslog event forwarding

Trellix Enterprise Security Manager (ESM) is the foundation of the Trellix security information and event management solution (SIEM). You can create a connector to forward all data types to Trellix Enterprise Security Manager.

You must configure your Trellix SIEM Solution to receive Syslog data sources.

  1. In BeyondInsight, go to Configuration > General > Connectors.
  2. From the Connectors pane, click Create New Connector.
  3. Enter a name for the connector.
  4. Select Trellix Syslog Event Forwarding from the Connector Type list.
  5. Click Create Connector.
  6. Leave Active (yes) enabled.
  7. Select an optional syslog facility from the list.
  8. Provide the required details for the available output pipelines for the Trellix Syslog data source:
    • Select the protocol: TCP, TCP-SSL, or UDP.
    • Enter Host Name and Port.
  9. Select an output format: NewLine Delimited, Tab Delimited, or Comma Delimited.
  10. Expand Event Filters, and then select the events you want to forward.
  11. Click Test Connector to send a test event message.
  12. Click Create Connector.

ℹ️

Note

For more information, see the Trellix documentation for configuring a Syslog data source to SIEM solution.

Updated 5 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.