- Site Collector Overview
- Get Started with Site Collectors
- Install Site Collector
- Set Up Collectors
- Sign Up for the Early Access Program: Site Collectors
- Set Up Archive Windows Collector
- Set Up Archive Linux Collector
- Set Up EStreamer Collector
- Set Up Fortinet Collector
- Set Up IBM Security QRadar Collector
- Set Up Kafka Collector
- Set Up Splunk Collector
- Set Up Linux File Collector
- Set Up Microsoft SQL Collector
- Set Up MySQL Collector
- Set Up Oracle Collector
- Set Up Syslog Collector
- Set Up Windows Active Directory Collector
- Set Up Windows Event Log Collector
- Set Up Windows File Collector
- Manage Site Collectors
- Site Collector Monitoring
- Troubleshoot the Site Collector
- Pre-checks failed during Site Collector installation and upgrade
- Site Collector UI shows the status INSTALLATION_ERROR
- Download Support Packages for Troubleshooting
- How to reboot the Virtual Machine (VM) successfully to apply security updates?
- What information must be added while creating a support ticket to resolve an issue?
- Site Collector UI is not displaying the heartbeats
- Splunk Collector can't be set up
- Splunk Collector is set up however, logs are not reaching DL/AA
- Only a few of the installed Splunk Collectors are processing logs or EPS has dropped by 50% as compared to last hour
- The Windows Active Directory Collector (formerly known as LDAP Collector) is set up, however, the context data is not reaching DL/AA
- The Windows Active Directory Collector (formerly known as LDAP Collector) is stuck in the ‘Update’ mode after deployment
- Installation is initiated; however, the collector shows the status as ‘Setting Up’ for some time
- Data Lake and Advanced Analytics Does Not Show Context Data
- Context Data from Windows Active Directory Collector is Segmented
- Minifi Permission Denied - Logback.xml File Missing and Config File Update - Failed Error Occurred while Installing the Windows Event Log Collector
- Where should I upload proxy certificates if I am running proxy with TLS interception?
- How to upgrade Linux collector instance?
Modify the Syslog Collector Configuration
In the Overview section in addition to viewing the status, trend, last day volume, and collector name, you can modify the Collector configuration by clicking the Collector instance. To modify the configuration for the Syslog Collector instance:
On the Exabeam Security Operations Platform home page, click the Collectors tile.
Select Site Collectors from the sub-menu.
The Overview section displays status groups, last day average volume, and a list of Site Collectors.
On the Overview tab, click the Syslog Collector instance for which you want to modify the configuration.
In the Event Type section, update the Syslog event type: Single Line or Multi-line.
In the Authentication section, update the protocol, UDP or TCP.
Click Definition to edit the collector name, change the site collector instance, and update the port. After the updates, click Next. Then click Update.
To stop or delete the Syslog Collector instance, in the upper right corner, click Stop or Delete. You can also upgrade or restart the collector.
Note
You can start a Collector instance that is stopped, by clicking Restart.
You can delete a Collector of which the status is 'Running'. You can delete a Site Collector instance of which the status is 'Setup Error' or 'Installation Error'.