Use the Event Forwarding screen under this tab to configure the settings for events. To access this screen, go to Events > Config in PEM. Click Edit to create or select the location for storing events.
Following is the explanation of fields on this screen.
This field displays the location of the server that stores all events generated by PEM.
Select the target type from the drop-down. It consists of seven options as below:
· None (default)
· Elastic Search
· Splunk HTTP(S) with JSON
· Syslog TCP RFC-3164
· Syslog TCP RFC-3164 with JSON
· Syslog TCP RFC-6587
· Syslog TCP RFC-6587 with JSON
Note: On selecting None, the event logs get stored in PEM's internal elastic search.
Enter the URL of the server chosen in Target Type drop-down. This field does not appear when None is opted as target type.
Enter the index name to be used for Elastic Search. This field is visible when Elastic Search is chosen as target type.
Enter the token provided from Splunk server. This field is visible when Splunk is chosen as target type.