With the 7.1.2 release, maillogs can now be sent to a RSYSLOG server of your choice. To route maillogs to a SIEM or other RSYSLOG server, use the commands below. To route alerts from detection events, please see the "Configuring RSYSLOG Notifications" instructions for either WebUI or CLI provided in the relevant appliance User Guide.
logging <rsyslog_server_address> trap none
logging <rsyslog_server_address> trap override class mail priority info
- The EX 7.6.0 release adds the ability to specify protocol (UDP or TCP), port and whether to use a TLS encrypted tunnel.