Deployment Architecture

How can I configure my deployment server to search logs located in /opt/logs/tmcm?

New Member

I have an indexer host siem2 to collect forwarded logs from Trendmicro Control Manager and it stores it in path /opt/logs/tmcm/

I want to know how to configure in the deployment server host siem1 to search the logs?

0 Karma



Your deployment server handles clients, if 'siem2' is an indexer, it accepts data inputs. Therefore, on your indexer, you simply need to add a input for /opt/logs/tmcm/ like below.

index=<index of your choice>
#You do not need the whitelist (this is an example below and is commented out)
#If you want to include certain file names from the 'tmcm' directory
disabled = 0
0 Karma