Forward Forcepoint product logs

Configure the Forcepoint product to forward Syslog messages in CEF to the LogSentinel Collector, using the following integration guides:

• Forcepoint CASB, page 258
• Forcepoint NGFW.
  • Set the Collector IP address as a target host
  • Set TCP as a service protocol
  • Set 2515 as port
  • Set CEF as format

Note

You must allow outgoing connections to the syslog server. To do that, follow this guide

Note

Make sure that all firewalls (including the firewall on the collector machine) allow connections to the collector port