Configuring Splunk Universal Forwarder on Forefront TMG 2010

By /

“…Aggregating logged data from security devices such as the Forefront Threat Management Gateway (TMG) 2010 firewall is a top priority for many security engineers. Forefront TMG and its predecessor, ISA Server, have always lacked an integrated facility to forward logged data to an external event management system. Often the administrator will have to devise an elaborate process that consists of batch files or scripts that collect firewall and web proxy logs and copy them to another location where they can be consumed. In the past I’ve demonstrated how third-party utilities can convert firewall log data to the syslog format as well…”

Check out Richard Hicks’ blog for the rest of the story at http://tmgblog.richardhicks.com/2011/07/26/configuring-splunk-universal-forwarder-on-forefront-tmg-2010/

HTH,

Deb

DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)
“MS SECURITY”
[email protected]

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top