![]() ![]() ![]() Configure your default domain and any Advanced Event Source Settings.Optionally, select the option to send unparsed data.This name will be used to name the log that contains the event data in Log Search. Select the event source type: Microsoft IIS. ![]() From the Security Data section, click Web Server Access Logs.From the left menu, go to Data Collection and click Setup Event Source > Add Event Source.To configure the new event source in InsightIDR: You will need a credential that has both Read Share permissions and Read NTFS permissions to access the IIS logs. Configure InsightIDR to receive data from the event sourceĪfter you complete the prerequisite steps and configure Microsoft IIS server logging, you must add the event source in InsightIDR. ![]() This option displays as an optional field at the end of the list of fields on the W3C Logging Fields screen. If you use a load balancer, you must configure an X-Forwarded-For header by following the instructions at: Fields must be specified in this exact order to be parsed (note that this is the default Microsoft IIS 10 format): You must also select sc-bytes (which represents the number of bytes sent by the server) from the list of unchecked fields.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |